Want to Block 1IP from using Internet when VPN goes down
-
If you don't want traffic from 192.168.0.11 to go out WAN at all, why are you policy routing it out WAN?
-
if your talking about from the picture above the 2nd from the bottom
i dont... but if i dont put that rule in there... and i turn off both VPN's
the rules skip the 2 rules below Game Consoles and goes straight to the last Line..so i put rule just above it... and its TAG No WAN EGRESS so it blocks using WAN
-
figured that was better then saying Block 192.168.0.11 * * * in the rules
unless thats better then the TAG i just figured it was a better block if not ill change it -
is this more proper then
-
@Derelict
I have 1 more question if you might know..
the no_wan_egreess works as long as my vpn I don't check the box "Don't Pass Routes"
if I enable it... The IP Address I have Tag NO WAN EGRESS is automatically blocked yet should be using the VPNbut I notice I need to check Don't Pass Routes to get my XBOX to work bypass VPN
do you know how to get get the rule to work for the VPN and TAG No Wan Egress when you check "Don't Pass Routes"
and should I be using that check box or not... whats the difference I tried googling info but I didn't find info
if you have a link that explains the 2 be good toobut I figured I ask you about that since your very smart at this stuff
-
so having the check mark Dont Pass Routes... still leaks dns yet i dont see it...
i get email from my isp i done suspicious things but i didnt
i run www.dnsleaktest.com on the 192.168.0.11 and it shows 1 server my NordVPN
yet it must be leakingis there another program that runs on windows that securly checks this stuff?
as this No Wan Egress isnt working
least it seems to work only when "DO Not Pull Routes" is not Checked.
when its checked it seems to leak or not work rightis there a way to test this and i read some articles you want Do Not Pull Routes other times you do .. how do you know when
-
I'm not sure that people appreciate how complicated what you are trying to do is.
-
sorry then ill figure out myself
didnt think it was complicated for you guys just for me
cuz i guess it works fine if Do not pull routes... yet XBOX doesnt work for OPen Nat
and when i do check off pull routes No WAN Gress does not kick in instantly like it does when "do not pull routes " is not checked... and Xbox Works Open Natvery sorry for troubling you guys then.. i wont ask again
have a good weekend
-
It's not complicated for me. It would just take me three hours I don't have to explain it to you.
You need to understand:
- Policy routing and what it is and is not
- The routing table and what it is and is not
- What Don't pull routes actually does with your chosen VPN provider
- How DNS actually works
- How connections originating from the firewall itself apply in all of the above
- How tagging and matching tagged in pf works
I suggest watching https://www.youtube.com/watch?v=lp3mtR4j3Lw
-
Think you forget the 0 on your 3 there Derelict... Your 4 days in already.. ;)
This is clearly simple facebook sort of post -- suggest you get your help over there since you don't seem to want to take Derelicts ;) Sure they help you out in couple of mins..