SimpleNetwork
I am playing around with openvpn and I noticed something strange.
When I set up the VPN through port 443 on my pfSense box, on my personal computer I noticed a lot of strange inbound connection attempts in the security logs, only on 443. I have auditing turned on for failed connections and there were about 50 attempts on this port only. After I deleted the port forward rules the OpenVPN wizard made, these attempts went away.
I am going to run this experiment again later this week to confirm these attempts are related to the firewall rule.
How does this make sense? Wouldn't my pfSense box only need 443 open on its WAN port to authenticate the VPN? Why does it actually pass through to my LAN? I don't mind people scanning and messing with my WAN-side open port as much as getting through to the LAN and scanning my machines.
Is there a way to configure this better so that people aren't trying to connect to my PCs?
divsys
After I deleted the port forward rules the OpenVPN wizard made, these attempts went away.
The Wizard should not have made (nor do you need) any Port Forward rules to allow OpenVPN working on port 443.
What you do need is a Firewall rule on the WAN interface allowing in traffic bound for port 443 destined for the WAN address (either TCP or UDP depending on your OpenVPN server).
If you have a Port Forward rule as well, something is not right.
The OpenVPN wizard does not create a port forward; it does create a rule on your WAN for the port you use for that VPN instance.
How would a port forward to your pfSense LAN IP allow for scanning of your "machines", even if you did create the forward?
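To make the distinction both replies draw concrete, here is an added example in pf rule syntax (the packet filter underneath pfSense); it is not taken from the thread or from anyone's actual config. It assumes the WAN interface is em0, OpenVPN listens on TCP 443, and 192.168.1.50 is a placeholder LAN host.

```conf
# Assumptions (constructed for this example): WAN = em0, OpenVPN on TCP 443,
# 192.168.1.50 = a LAN workstation. Replace with your own values.

# WRONG for a VPN that terminates on the firewall itself: a port forward.
# The rdr rule rewrites the destination of every packet arriving at
# WAN:443 to the LAN host, and the matching pass rule lets it through.
# Every internet scan of your WAN address on 443 is therefore delivered
# to 192.168.1.50, which is exactly what shows up as failed inbound
# connections in that machine's security audit log.
rdr on em0 proto tcp from any to (em0) port 443 -> 192.168.1.50 port 443
pass in on em0 proto tcp from any to 192.168.1.50 port 443 keep state

# RIGHT: no NAT at all. A single filter rule accepts TCP 443 addressed to
# the WAN address itself, and the OpenVPN daemon running on pfSense answers.
# Scans of WAN:443 now stop at the firewall and never reach the LAN.
pass in on em0 proto tcp from any to (em0) port 443 keep state
```

On the pfSense shell you can confirm the loaded state with `pfctl -sn` (the NAT/rdr table, which should contain no entry forwarding port 443 to a LAN host) and `pfctl -sr` (the filter rules, where the WAN-address pass rule should appear).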