Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Assigning OpenVPN interfaces and firewall rules

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    3 Posts 2 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • GruensFroeschliG
      GruensFroeschli
      last edited by

      From 1.2.3 i'm used to force different openvpn tunnels to specific tuns and assign them as OPTs.

      Since we have with 2.0 a new firewall tab for openvpn i'm not sure how to work with this.
      I recently needed the IGMP proxy to work through a VPN tunnel.
      For this i assigned the tunnel as OPT and enabled the proxy on it.
      However now there is a tab for the OPT and OpenVPN in general.

      In what order are the tabs/rules processed?
      Does it even matter if rules are on one tab or the other?
      Or does ot behave like with floating rules and interface specific rules?

      We do what we must, because we can.

      Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

      1 Reply Last reply Reply Quote 0
      • E
        eri--
        last edited by

        Well in the new tab you can put more specific rules.
        Though if you are happy with what you have under the general rule than its ok.

        You can easily consider OpenVPN tab as a interface group, under the hood its the same and probably would make sense to have it show up in interface groups by default.
        I will create a TODO on redmine for this to not be forgotten.

        Hoepfully that answers your question.

        1 Reply Last reply Reply Quote 0
        • GruensFroeschliG
          GruensFroeschli
          last edited by

          Yes this helps.
          Thanks.

          We do what we must, because we can.

          Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.