Rules being ignored when VPN client down?
-
I've been playing with FreeOPENVPN and discovered that when it's down I can still get internet access via the WAN/WAN2, even though the LAN2 rule states only to go via the VPN gateway? The only way I can force it not to go via the WAN/WAN2 is to turn off the WAN and WAN2 gateways to LAN2, leaving freeopenvpn.
-
@randombits The easiest way to accomplish this is via packet tagging:
https://www.infotechwerx.com/blog/Prevent-Any-Traffic-VPN-Hosts-Egressing-WAN
-
Thanks, I always assumed rules would block it but obviously not with VPN client servers. I only discovered it by accident when the VPN was down and still had access!
-
If the VPN gateway rule is the only pass rule, you can prevent it from passing traffic at all when the gateway is down by checking the option "Skip rules when gateway is down" in Sys > Adv > Misc.
That will then leave you with no pass rules on that interface. That would only work in your case during the scheduled time you have that block rule applying.
Steve
-
Thanks Steve, I tried @TheNarc's link and that seems to work (locked myself out of the WAN at first). I'll also turn on skip rules as you mention.
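-
The two fixes discussed in this thread, sketched as pf rules. This is an added example, not part of any post above and not pfSense's generated ruleset; the interface names, addresses and the tag name NO_WAN_EGRESS are assumptions made for illustration.

```pf
# Constructed values (assumptions, not taken from the thread):
#   em0 = WAN, em1 = WAN2, em2 = LAN2, ovpnc1 = OpenVPN client interface,
#   10.8.0.1 = VPN gateway, 192.168.2.0/24 = LAN2 subnet.

# Scenario 1: VPN gateway up.
# The LAN2 pass rule is policy-routed to the VPN gateway:
#   pass in quick on em2 route-to (ovpnc1 10.8.0.1) inet from 192.168.2.0/24 to any keep state

# Scenario 2: VPN gateway down, default behaviour.
# The rule is still created, but without the gateway, so it becomes a plain
# pass rule and LAN2 traffic follows the default route out WAN/WAN2:
#   pass in quick on em2 inet from 192.168.2.0/24 to any keep state

# Scenario 3: VPN gateway down with "Skip rules when gateway is down" checked.
# The whole rule is omitted. If it was the only pass rule on LAN2, nothing
# matches and the default deny drops the traffic. Any other pass rule on
# LAN2 would still let traffic out, which is the limitation noted above.

# Packet tagging: tag on ingress, block the tag on every WAN egress.
# This holds in all three scenarios because the block does not depend on
# the gateway state; a tagged packet can only leave via ovpnc1.
pass in quick on em2 route-to (ovpnc1 10.8.0.1) inet from 192.168.2.0/24 to any tag NO_WAN_EGRESS keep state
block out quick on em0 tagged NO_WAN_EGRESS
block out quick on em1 tagged NO_WAN_EGRESS
```

To verify either fix, stop the VPN client and confirm from a LAN2 host that outbound connections fail rather than falling back to WAN/WAN2.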