When is the OpenVPN tab firewall rules effective?



  • Hi there!

    I haven't been able to figure out what conditions need to be met for the firewall rules specified at the OpenVPN tab to be effective.
    I thought they should effect traffic going over the OpenVPN client connection that I've set up, but no matter what kind of rules I specify, they don't seem to have any effect what so ever. Maybe these rules are just evaluated after all other rules specified on other tabs. That must be it, right?

    Just curious, it would be good to know.  ;D


  • Rebel Alliance Developer Netgate

    Rules on the OpenVPN tab are evaluated on the inbound path, like any other rules. So they apply to traffic coming from the VPN clients into your network.

    If you have your OpenVPN interfaces assigned, the rules on the OpenVPN tab still apply, but they are evaluated before the rules on the assigned interfaces tab.

    You can also make floating rules that apply in either direction to the vpn traffic, and those are evaluated before any other rules.



  • Thanks a lot jimp for the explanation. I see now why the rules that I specify has no effect. It's because I haven't configured any OpenVPN server on the pfSense machine, only a client.  ;D


Locked