Openvpn firewall rule
-
Hi, I have been trying to set up a firewall rule for my OpenVPN users. I have configured the OPT interface for OpenVPN (tun0), enabled it, and set the IP address to none.
After that I went to Rules, selected the new interface called openvpn, and created a new rule, but when I press the Apply button the GUI returns an error related to syntax.
To clarify:
php: : There were error(s) loading the rules: /tmp/rules.debug:206: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [206]: pass in quick on $openvpn inet proto icmp from /32 to any icmp-type echorep keep state label "USER_RULE"
This happens when I add a rule to the openvpn interface:
block
from: openvpn subnet
to: any
protocol: icmp
type: any
If I change openvpn subnet to any (as source), no error is displayed, but the rule does not work.
I use pfSense ver 1.2.3.
How can I enable traffic filtering on OpenVPN without encountering errors?
Thanks
Giulio
-
Hi jimp, thanks for the reply. I have followed this guide but I can't figure out what is wrong.
I have checked the interface and it is tun0 on the server and on the client, but any rule configured on interface tun0 won't apply.
Please advise.
-
If you follow the instructions there exactly, it works. I've done this dozens of times.
-
I have followed the instructions at the link you advised. I changed the custom configuration, adding dev tun9 (for example), and also configured the OPTx interface with tun9. Then I disabled/enabled the OpenVPN server, and I can still go anywhere on my network even though I have permitted only the ICMP protocol.
Perhaps I missed something… I don't know, but please can someone explain it to me step by step?
Thanks
-
Hi, I have read the guide in the book you wrote, "pfSense: The Definitive Guide", and I have solved my issue because the process is explained very well.
Thanks for all the advice.