4. Deny bypassing the OpenVPN tunnel?

Deny bypassing the OpenVPN tunnel?

  • G

    Hi,

    I have the following scenario at the moment:

    pc1–+
    pc2--+---switch---pfSense=========server
    pc3--+

    == means VPN tunnel
    pfSense box is configured as the VPN client, the server acts as the gateway to the internet

    When I disable the tunnel by shutting down the server, the clients (pc1-3) access internet through the pfSense WAN interface. Thus they are bypassing the VPN tunnel.
    I tried a few rules, but I can't block the packets without harming the complete output including the VPN packets.

    tunnel is 10.8.0.0/24
    LAN clients are 10.0.0.0/8

    I tried blocking ANY from LAN where destination IS NOT 10.8.0.0/24
    It didn't worked, as the destinations are still WAN adresses in the packets and only the gateway is 10.8.0.1, i guess.
    Should i try to manipulate the static routes?

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy