Netgate Discussion Forum

    VPN and viruses

      WhiteTiger-IT

      If a user has his personal PC infected with a virus and connects to the corporate LAN with OpenVPN, there is a risk that the virus will pass from his personal PC to the LAN.
      I have no control over personal PCs, and in the case I have described I do not believe that the antivirus installed on pfSense can protect the network, unless all incoming traffic from the VPN is first scanned by the antivirus.
      However, I did not understand whether this is possible, how to do it, or whether there is another method to protect the network.
      Thanks in advance for any advice.

        JKnott @WhiteTiger-IT

        @whitetiger-it

        A VPN is no different than any other IP connection. If a virus can connect to other devices over the network, then it can spread. One thing in its favour is that when tun is used, routing is involved, which means it can't simply broadcast to neighbours.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

          WhiteTiger-IT @JKnott

          @jknott
          If I connect with a VPN, my PC acquires an IP address of the LAN. At this point, if, for example, I can ping all the devices on the LAN, then the virus can also contact the other PCs and infect them.
          For all we know, the pfSense antivirus protects browsing and downloading/uploading files, but does not come into play when I transfer a file from one PC to another in the network, even if one of the two PCs is remote and connected with OpenVPN.
          If I am right, then there is no protection.

            JKnott @WhiteTiger-IT

            @whitetiger-it

            There are firewall rules protecting your network from the Internet. You can create appropriate rules between your LAN and VPN. I have a couple of examples here. Only my ThinkPad connects to my network via VPN. Since it's trusted, I don't have any rules restricting it. On the other hand, devices connecting to my guest WiFi are not trusted, so I have rules that prevent any device connected to it from communicating with anything on my LAN, other than pinging the VLAN interface.

            You have to decide if the other end of the VPN is trusted or not and configure the rules accordingly.

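An added example, not written by any poster in this thread: the "untrusted VPN" case described above, expressed in plain pf rule syntax (pfSense itself builds its ruleset from the GUI). It assumes a routed tun setup with its own tunnel subnet; the interface name and every address are constructed placeholders.

```pf
# Added illustration. All names and addresses are constructed placeholders,
# not values from this thread.
vpn_if   = "ovpns1"          # assumed OpenVPN server (tun) interface
vpn_net  = "10.8.0.0/24"     # assumed tunnel network given to remote PCs
lan_net  = "192.168.1.0/24"  # assumed corporate LAN
fw_lan   = "192.168.1.1"     # assumed firewall LAN address
intranet = "192.168.1.10"    # assumed internal web application server

# Rules are read top down; "quick" makes the first match final.

# 1. Reachability test against the firewall only, not against LAN hosts.
pass in quick on $vpn_if inet proto icmp from $vpn_net to $fw_lan icmp-type echoreq

# 2. Name resolution through the firewall's resolver.
pass in quick on $vpn_if inet proto { tcp, udp } from $vpn_net to $fw_lan port 53

# 3. The one service remote users actually need.
pass in quick on $vpn_if inet proto tcp from $vpn_net to $intranet port 443

# 4. Anything else aimed at the LAN (file sharing, ping sweeps, other ports)
#    is dropped and logged.
block in log quick on $vpn_if inet from any to $lan_net

# 5. Default deny for the rest of the traffic arriving from the tunnel.
block in log quick on $vpn_if all
```

Entries logged by rule 4 from a single tunnel address are worth reviewing, since a remote PC that repeatedly tries LAN hosts it has no rule for is behaving unlike a normal user.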
              stephenw10 Netgate Administrator

              The only antivirus you might have on pfSense, ClamAV, only scans traffic that is cached by Squid.

              It is probably not doing anything for traffic coming over a VPN. But even if it is, it's no substitute for AV on hosts, where it can have far more visibility.

              Steve
