Inspecting OpenVPN traffic on the VPN head-end pfSense appliance.



  • Does anyone have any experience or recommendation on how to inspect VPN traffic between two nodes running the VPN client-side SW when both nodes are connected to the same VPN head-end pfSense appliance?  I will call this traffic East-West traffic and each nodes traffic is basically doing a u-turn at the VPN head-end pfSense appliance.  Is there a way on the backplane (via another NIC perhaps) to insert between the VPN tunnel endpoints a logical inspection point where the traffic is outside of the VPN tunnels enabling me to pass that traffic through my external IDS and IPS?


Log in to reply