Firewall Rules not working

yupq6wlc79ts · Dec 25, 2018, 3:16 PM

Yes, OpenVPN.

(sorry for late reply, since I am a new user with no reputation, I have to wait 120 seconds before I can reply, lol)

Konstanti · Dec 25, 2018, 3:20 PM

@yupq6wlc79ts
NordVpn Openvpn client setting
Check this option

yupq6wlc79ts · Dec 25, 2018, 3:21 PM

It wasn't checked. I checked it and tested the device by enabling the rule, No Internet on that device.

Konstanti · Dec 25, 2018, 3:31 PM

This post is deleted!

yupq6wlc79ts · Dec 25, 2018, 3:29 PM

Konstanti · Dec 25, 2018, 3:32 PM

@yupq6wlc79ts
all right now.
check nat / outbound for wan interface

yupq6wlc79ts · Dec 25, 2018, 3:33 PM

Konstanti · Dec 25, 2018, 3:35 PM

@yupq6wlc79ts
Here is and mistake
no nat rule for wan 192.168.1.0/24
It is necessary to add

yupq6wlc79ts · Dec 25, 2018, 3:36 PM

The reason was, It kinda acts as a kill switch. If the VPN goes down, no devices will be able to connect to the internet.

But my 5 devices aren't on VPN, so they should still be connected. What do I need to add/change here?

Konstanti · Dec 25, 2018, 3:43 PM

@yupq6wlc79ts
Add a nat outbound rule for the 192.168.1.0/24 on the wan interface as I showed in the picture
and 5 devices will be able to access the Internet via wan
Do not delete anything

yupq6wlc79ts · Dec 25, 2018, 3:44 PM

Tada!

@Konstanti - Thank you so much. That worked. I think I get now what you were saying earlier (no nat rule for wan), makes sense now that I get it. Lol.

Appreciate it.

So now, for each device I want to connect to WAN, I'll have to manually add the entry in the Firewalls - Rules? Any way I can combine all 5 of them in 1?

Konstanti · Dec 25, 2018, 3:47 PM

@yupq6wlc79ts
It is possible to allocate them in a separate subnet ( as I have done)
or create an alias firewall / alias ( write there all 5 ip)
and then use the alias in the rule as a source.
Then the rule will be one