OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • [SOLVED] IPSec Firewall Policy Security
« previous next »
  • Print
Pages: [1]

Author Topic: [SOLVED] IPSec Firewall Policy Security  (Read 3913 times)

pbolduc

  • Newbie
  • *
  • Posts: 42
  • Karma: 4
    • View Profile
[SOLVED] IPSec Firewall Policy Security
« on: February 02, 2017, 04:45:53 pm »
Hi there,

On a previous hardware firewall I was able to control the type of service groups (ports) that pass through my IPsec tunnels. I noticed with OPNsense that am unable to customize the firewall service groups (ports) allowed through the IPsec VPN tunnels. I am aware that I can use custom subnetting to allow access to a certain block of computers through the VPN but I would also like to define the service ports via a firewall group to apply to certain IPsec traffic. Does anyone know if this feature will be available at some point?
« Last Edit: February 02, 2017, 06:39:22 pm by pbolduc »
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13699
  • Karma: 1178
    • View Profile
Re: IPSec Firewall Policy Security
« Reply #1 on: February 02, 2017, 05:04:33 pm »
Hi,

Under Firewall: Aliases you can add Port "Groups", which you can assign from the Firewall Rules (so also for IPsec).


Cheers,
Franco
Logged

pbolduc

  • Newbie
  • *
  • Posts: 42
  • Karma: 4
    • View Profile
Re: IPSec Firewall Policy Security
« Reply #2 on: February 02, 2017, 05:57:21 pm »
I should have included screenshots. Sorry to be a pest I am obviously misunderstanding the firewall policy terminology. I've attached two screenshots indicating what I mean and a third screenshot showing my pre-configured Firewall Ports group.
« Last Edit: February 02, 2017, 06:09:40 pm by pbolduc »
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13699
  • Karma: 1178
    • View Profile
Re: IPSec Firewall Policy Security
« Reply #3 on: February 02, 2017, 06:22:25 pm »
No worries, this is easy: for ports to be specified you need to select protocol TCP, UDP or both.


Cheers,
Franco
Logged

pbolduc

  • Newbie
  • *
  • Posts: 42
  • Karma: 4
    • View Profile
Re: IPSec Firewall Policy Security
« Reply #4 on: February 02, 2017, 06:39:03 pm »
Thank you so much!  I forgot to toggle my Protocol setting from "Any" to "TCP/UDP".
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • [SOLVED] IPSec Firewall Policy Security
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2