OPENVPN-ROUTE-STRANGE-BEHAVIOUR
-
Hi,
I created a VPN subnet, IPv4 Tunnel Network 10.168.9.0/24, going only to IPv4 Local network(s) 192.168.9.0/24.
On Windows everything works fine! The VPN connects and I can only access the specific route.
On Linux a different thing happens. I can access any subnet on IPv4 Local network(s).
So to ensure the integrity of security I apply allow and deny rules.
Question: what causes Linux to go outside the specification of the tunnel? How is Linux capable of going to another subnet?
Thanks
-
@Jimbohello said in OPENVPN-ROUTE-STRANGE-BEHAVIOUR:
I created a VPN subnet, IPv4 Tunnel Network 10.168.9.0/24, going only to IPv4 Local network(s) 192.168.9.0/24.
What you did here is stating this subnet at "Local Networks" in the server settings, I guess.
But this is no security option at all. This just pushes the route for the stated subnets to the client. But it's on the client to set the route on its own.
This is out of your control. The Linux Network Manager routes all upstream traffic over the VPN if you don't limit this in the settings.
If you want to restrict access to a certain subnet, set the firewall rule on the VPN interface accordingly.
I guess, recently you have an allow any to any rule.
-
Thanks
That's what I already do in the firewall rule.
So if I can do nothing else and it's out of my control,
I am then doing the right thing already.
Thanks for the answer
-
No, my firewall rule only accepts a specific VPN network to a specific local subnet.
The Linux behaviour was exactly a test on any/any.
Therefore I found this issue where Windows obeys and Linux does not give a shit :)
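
The difference discussed in this thread, as an added example that is not part of any post: a simplified Python model in which the pushed route only influences what a client chooses to send, while the rule set on the VPN interface decides what gets through. The client and destination addresses, the function names and the first-match, default-block evaluation are assumptions made for the illustration, not the firewall's own engine.

```python
import ipaddress as ip

TUNNEL = ip.ip_network("10.168.9.0/24")   # IPv4 Tunnel Network from the thread
LOCAL = ip.ip_network("192.168.9.0/24")   # IPv4 Local network(s) from the thread
ANY = ip.ip_network("0.0.0.0/0")

# Rule sets on the VPN interface: (action, source net, destination net).
# Modelled as first match wins, anything unmatched is blocked (assumption).
ANY_ANY = [("pass", ANY, ANY)]
RESTRICTED = [("pass", TUNNEL, LOCAL)]

def client_sends(dst, pushed_routes, honours_push):
    """Client-side choice: does this packet enter the tunnel at all?"""
    if not honours_push:
        return True  # client routes everything over the VPN
    return any(ip.ip_address(dst) in net for net in pushed_routes)

def firewall(rules, src, dst):
    """Server-side decision, independent of what the client was told."""
    for action, src_net, dst_net in rules:
        if ip.ip_address(src) in src_net and ip.ip_address(dst) in dst_net:
            return action
    return "block"

def reachable(rules, src, dst, honours_push):
    if not client_sends(dst, [LOCAL], honours_push):
        return False
    return firewall(rules, src, dst) == "pass"

def matrix(src="10.168.9.2", inside="192.168.9.10", other="192.168.20.10"):
    """Constructed addresses: one VPN client, one host in the pushed
    subnet, one host in a different local subnet."""
    out = {}
    for rules_name, rules in (("any/any", ANY_ANY), ("restricted", RESTRICTED)):
        for client, honours in (("honours push", True), ("routes all", False)):
            out[(rules_name, client)] = (
                reachable(rules, src, inside, honours),
                reachable(rules, src, other, honours),
            )
    return out

if __name__ == "__main__":
    for key, (to_inside, to_other) in matrix().items():
        print(key, "pushed subnet:", to_inside, "other subnet:", to_other)
```

Only the any/any rule combined with a client that routes everything reaches the other subnet; with the restricted rule both kinds of client are limited to 192.168.9.0/24.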