OpenVPN Tab within the Firewall Rules Page

2.0-RC Snapshot Feedback and Problems - RETIRED
Log in to reply
  • C

    I use both Road Warrior and a Site2Site(shared key). When I first create the road warrior setup, an OpenVPN tab is created under the Firewall Rules page. I create the Site2Site setup and no new tab is created under the Firewall Rules page.

    I enable logging under the default allow all rule within the OpenVPN Rules tab. I noticed in the firewall log that this rule tab is used for both my Road Warrior and my Site2Site tunnels. How would I setup rules for each tunnel differently? Would I have to assign ovpns1 and ovpns2 to interfaces under the Interfaces page? And if I do that, would the OpenVPN Rules Tab then be used for both interfaces or would it be unusable?

    For the most part, the Road Warrior will be allowed all but I want to limit the Site2Site access.

    0
  • jimp
    Rebel Alliance Developer Netgate

    If you craft the firewall rules properly (specify the source subnet for each remote network), then you do not need multiple tabs or to assign interfaces.

    You can assign interfaces if you want, but it really isn't necessary if you setup the rules the right way, like so:

    pass * from roadwarrior_subnet to <road warrior="" stuff="">pass * from site2site_subnet to</road>

    0
  • C

    I didn't think about…. That should work nicely.. Thanks for your suggestion :-)

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2021 Rubicon Communications, LLC | Privacy Policy