Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Traffic not blocked anymore on default setting

    OpenVPN
    2
    2
    273
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      w.hackl
      last edited by

      Hi there ,

      i'm fascinated about a curious problem.

      Configured OpenVPN server with local Ip 192.168.0.254/24 and a WAN address. Currently PFSense 2.6, ipv6 disabled

      Configured a OpenVPN Client with site2site VPN Settings and Certificates connecting to OpenVPN server. Lan Address 192.168.1.254/24. Currently PFSense 2.7 ipv6 disabled

      Client PFSense is connected , no Rules on OpenVPN Interface (should then block everthing as in the PfSense releases before ) and the LAN Client ( eg. 192.168.1.10 ) can ping every host in the 192.168.0.0/24 net.
      If i set a blocking rule on OpenVPN Interface with IPv4/IPV6 any / any blocked the traffic is still going through the interface.

      Why is this working now ?

      ( little bit confused )

      Regards Wolfgang

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @w.hackl
        last edited by

        @w-hackl
        Rules have to be defined on the incoming interface in pfSense.

        Traffic from a client side LAN device enters the LAN interface, goes out on the OpenVPN and enters the VPN interface at the server side.

        So you can either block it on the clients LAN or on the server VPN interface.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.