Block Outgoing traffic if Openvpn goes down

Shareria · Jul 29, 2011, 7:39 PM

Hi,

congratulations to PFSense. I like it, even if i have a small Problem:

I'am trying to block outgoing traffic if my OpenVPN not works. My config actually is:
WAN - WWW Gateway
LAN - "OpenVPN only Area"

Is there any way to enable a firewall rule like

LAN net * * * * none Default allow LAN to any rule
WAN net * LAN net * * none Default allow wan to lan rule
TCP/UDP * * * * * none block all rest

depending on the OpenVPN Status. It should work like this:
OpenVPN OK -> rule is enabled, all traffic can pass through
OpenVPN NOK -> rule disabled, all outgoing lan traffic is blocked

Greetings
Shareria

ericab · Jul 29, 2011, 8:29 PM

*    WAN net    *    LAN net    *    *    none         Default allow wan to lan rule

O___o !!

Metu69salemi · Jul 29, 2011, 9:32 PM

Haven't done this, but you could try to make openvpn to your gateway or route by lan rule and after that rule block anything.

Shareria · Jul 29, 2011, 10:09 PM

@ericab: My WAN is behind another HW-router

@Metu: I tried to make a Gateway but i havent a static openvpn ip and i cant inster an alias as gateway