Deny bypassing the OpenVPN tunnel?
Hi,
I have the following scenario at the moment:
pc1--+
pc2--+---switch---pfSense=========server
pc3--+

== means VPN tunnel
pfSense box is configured as the VPN client, the server acts as the gateway to the internet.

When I disable the tunnel by shutting down the server, the clients (pc1-3) access the internet through the pfSense WAN interface. Thus they are bypassing the VPN tunnel.
I tried a few rules, but I can't block the packets without harming the complete output including the VPN packets.

tunnel is 10.8.0.0/24
LAN clients are 10.0.0.0/8

I tried blocking ANY from LAN where destination IS NOT 10.8.0.0/24
It didn't work, as the destinations are still WAN addresses in the packets and only the gateway is 10.8.0.1, I guess.
Should I try to manipulate the static routes?