Deny bypassing the OpenVPN tunnel?
grav5 last edited by
I have the following scenario at the moment:
== means VPN tunnel
pfSense box is configured as the VPN client, the server acts as the gateway to the internet
When I disable the tunnel by shutting down the server, the clients (pc1-3) access the internet through the pfSense WAN interface. Thus they are bypassing the VPN tunnel.
I tried a few rules, but I can't block the packets without harming the complete output including the VPN packets.
tunnel is 10.8.0.0/24
LAN clients are 10.0.0.0/8
I tried blocking ANY from LAN where destination IS NOT 10.8.0.0/24
It didn't work, as the destinations are still WAN addresses in the packets and only the gateway is 10.8.0.1, I guess.
Should I try to manipulate the static routes?