Openvpn allow all rule, security risk?



  • Hello everyone,

    I just setup a site-site VPN to push some of my home network traffic through. The other end of the VPN is an untrusted VPS that I do not want to allow access to my LAN. For now I have an allow all from anywhere rule on the VPN interface under Firewall: Rules. Is this an improper setup and putting me at risk? Do I even need this rule to only push traffic from my home through the vps and out to the internet? Thanks!


  • Rebel Alliance Global Moderator

    So your vpn needs unsolicited inbound traffic to your network?  I doubt that if your just using it as a exit point for your internet traffic.

    Think of vps as another wan connection, do you allow all inbound on your wan? ;)



  • @johnpoz:

    So your vpn needs unsolicited inbound traffic to your network?  I doubt that if your just using it as a exit point for your internet traffic.

    Think of vps as another wan connection, do you allow all inbound on your wan? ;)

    Gotcha, I wasn't sure if it was only for inbound traffic. I disabled the rule entirely and things still seem to be working. Thanks for helping me understand!