4. Unusual configuration, need help on setup

Unusual configuration, need help on setup

  • X

    I'm looking to attach an openvpn vpn to a specific vlan/subnet. I have the openvpn client setup but by default it routes all of my lan traffic over the vpn. I only want to route 192.168.20.0/24 over it. How should I approach this?

    0
  • S

    That is what happens on pfsense default "Allow all" policy and when the routing is properly done. So congratulations!

    To block the traffic I did:

    • First I added one "quick" floating rule permiting my IP address to pass everything (like an antilock out rule to access the webgui).

    • Secondly I  added another "quick"  floating rule bellow it to block all ipv4/6 traffic from all the subnets that have routes on the server, with every interface selected on this rule.  I did this using an alias with every subnet that I which to block.

    • Thirdly, above the previous rule I created another  "quick" floating rule allowing only the desired subnets, or even single ips, to pass.

    All interfaces maintained their "allow all" rule. From the moment you add a floating "quick" rule to block it all, you are bound to use floating "quick" rules above the "block all" to permit access to anything you need communicating.

    That is how I did it.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy