1. Home
  2. pfSense® Software
  3. Firewalling
  4. Deny bypassing the OpenVPN tunnel?

Deny bypassing the OpenVPN tunnel?

  • G

    Hi,

    I have the following scenario at the moment:

    pc1–+
    pc2--+---switch---pfSense=========server
    pc3--+

    == means VPN tunnel
    pfSense box is configured as the VPN client, the server acts as the gateway to the internet

    When I disable the tunnel by shutting down the server, the clients (pc1-3) access internet through the pfSense WAN interface. Thus they are bypassing the VPN tunnel.
    I tried a few rules, but I can't block the packets without harming the complete output including the VPN packets.

    tunnel is 10.8.0.0/24
    LAN clients are 10.0.0.0/8

    I tried blocking ANY from LAN where destination IS NOT 10.8.0.0/24
    It didn't worked, as the destinations are still WAN adresses in the packets and only the gateway is 10.8.0.1, i guess.
    Should i try to manipulate the static routes?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy