Inspecting OpenVPN traffic on the VPN head-end pfSense appliance.
Does anyone have any experience or recommendation on how to inspect VPN traffic between two nodes running the VPN client-side SW when both nodes are connected to the same VPN head-end pfSense appliance? I will call this traffic East-West traffic, and each node's traffic is basically doing a u-turn at the VPN head-end pfSense appliance. Is there a way on the backplane (via another NIC perhaps) to insert between the VPN tunnel endpoints a logical inspection point where the traffic is outside of the VPN tunnels, enabling me to pass that traffic through my external IDS and IPS?