Block VPN from talking with LAN
-
Hello all.
Quick background on my setup:
- I have my WAN going via DHCP
- I have my LAN on 10.10.1.0
- I have OPT1 on 192.168.1.0
On the whole OPT1 setup I have this working for Private Internet Access VPN. This means that any device connected to OPT1 will be routed via the VPN, and this works perfectly. I have a wireless access point connected directly to OPT1 as this connection goes to the other end of my house.
What I want to do is make sure that the VPN connection cannot communicate with my LAN connection.
I have set up blocks for the OPT1 connection to block LAN net and address and I have done the same on OPT1 to block LAN net and address.
My interface for Private Internet Access is called PIAVPN. I have added blocks on the firewall rules to block PIAVPN on net and address and done the same on the LAN.
Everything works perfectly at the moment; I just want to make sure that I have put in the correct rules to block anything on OPT1 and PIAVPN from connecting to my LAN.
I also wanted to make sure that it's safe to leave the router permanently connected to the VPN client for security etc.
Thanks all.
-
Unless you want inbound connections from PIA, then just remove or disable all rules on the OpenVPN tab and the PIAVPN assigned interface tab. Treat it like a WAN interface.
If you do not want OPT1 to access LAN, then place a rule on OPT1 blocking traffic to destination LAN net.
If you do not want LAN to access OPT1, then place a rule on LAN blocking traffic to destination OPT1 net.
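
The rule placement described in the answer above, as an added example that is not part of the thread: a simplified Python model of per-interface, first-match rule evaluation that audits the isolation goals and shows why the block must sit above any pass rule. The /24 prefixes, the host addresses and the trailing pass-any rules are assumptions, since the posts give only 10.10.1.0 and 192.168.1.0.

```python
import ipaddress

# Assumed /24 prefixes; the thread gives only 10.10.1.0 and 192.168.1.0.
NETS = {
    "LAN net": ipaddress.ip_network("10.10.1.0/24"),
    "OPT1 net": ipaddress.ip_network("192.168.1.0/24"),
}

# Simplified model: rules are checked on the interface where a packet
# enters the firewall, top to bottom, first match wins, and traffic that
# matches no rule falls through to default deny.
RULES = {
    "OPT1": [("block", "LAN net"), ("pass", "any")],  # assumed pass-any for VPN egress
    "LAN": [("block", "OPT1 net"), ("pass", "any")],
    "PIAVPN": [],   # no rules: treated like a WAN, nothing inbound allowed
    "OpenVPN": [],
}

def evaluate(interface, dst, rules=RULES):
    """Return 'pass' or 'block' for a new connection entering `interface`."""
    addr = ipaddress.ip_address(dst)
    for action, target in rules[interface]:
        if target == "any" or addr in NETS[target]:
            return action
    return "block"  # default deny

def audit(rules=RULES):
    """Check the isolation goals from the thread against a rule set."""
    # Constructed sample hosts, not taken from the thread.
    lan_host, opt1_host, internet = "10.10.1.20", "192.168.1.50", "203.0.113.10"
    return {
        "OPT1 cannot reach LAN": evaluate("OPT1", lan_host, rules) == "block",
        "LAN cannot reach OPT1": evaluate("LAN", opt1_host, rules) == "block",
        "PIAVPN cannot reach LAN": evaluate("PIAVPN", lan_host, rules) == "block",
        "PIAVPN cannot reach OPT1": evaluate("PIAVPN", opt1_host, rules) == "block",
        "OPT1 still reaches internet": evaluate("OPT1", internet, rules) == "pass",
    }

# Same rules with the OPT1 block placed below the pass rule: it never matches.
MISORDERED = dict(RULES, OPT1=[("pass", "any"), ("block", "LAN net")])

if __name__ == "__main__":
    for name, ok in audit().items():
        print(("OK   " if ok else "FAIL ") + name)
    print("misordered OPT1 -> LAN:", evaluate("OPT1", "10.10.1.20", MISORDERED))
```
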