OPNsense Forum

English Forums => Virtual private networks => Topic started by: Lip90 on February 03, 2023, 11:24:51 pm

Title: Question Wireguard VPN Gateway
Post by: Lip90 on February 03, 2023, 11:24:51 pm
I installed a VPN Gateway with this manual: https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

A few clients use the VPN gateway from LAN to WAN.

How can I ensure that the VPN gateway does not allow connections to my LAN?

Title: Re: Question Wireguard VPN Gateway
Post by: tiermutter on February 04, 2023, 10:39:19 am
As long as there is no rule for WG interface allowing traffic to LAN, it will be blocked.
For sure clients connected to LAN using this gateway will be able to access LAN (but not when traffic is initiated from WG client IP), there is no way to block them (LAN to LAN), except using WG as default route in client config (if you intend to "block" those clients).
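
Added example, not part of the thread and not OPNsense's own tooling: one way to verify the first point in the reply above is to scan an exported config.xml for enabled pass rules on the WireGuard interface whose destination can reach the LAN. The `<filter><rule>` element names are an assumption about the exported configuration layout, and the interface key `opt1`, the LAN subnet and the sample rules are constructed.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample, not taken from the thread. Assumes the <filter><rule>
# layout of an exported config.xml; "opt1" stands in for the WireGuard interface.
SAMPLE = """<opnsense><filter>
  <rule><type>pass</type><interface>lan</interface>
    <source><network>lan</network></source><destination><any>1</any></destination></rule>
  <rule><type>pass</type><interface>opt1</interface><descr>wg to lan host</descr>
    <source><any>1</any></source><destination><address>192.168.1.10</address></destination></rule>
  <rule><type>pass</type><interface>opt1</interface><disabled>1</disabled><descr>old</descr>
    <source><any>1</any></source><destination><network>lan</network></destination></rule>
  <rule><type>block</type><interface>opt1</interface><descr>drop</descr>
    <source><any>1</any></source><destination><network>lan</network></destination></rule>
</filter></opnsense>"""

def reaches_lan(dest, lan_net):
    """True if a rule destination can match an address inside lan_net."""
    if dest is None or dest.find("any") is not None:
        return True
    if dest.find("not") is not None:
        return True  # negated destination: flag for manual review
    net = dest.findtext("network")
    if net:
        return net in ("lan", "lanip")
    addr = dest.findtext("address") or ""
    try:
        return ipaddress.ip_network(addr, strict=False).overlaps(lan_net)
    except ValueError:
        return True  # alias or unparsable value: flag for manual review

def wg_rules_reaching_lan(xml_text, wg_if, lan_cidr):
    """Return descriptions of enabled pass rules on wg_if that can reach the LAN."""
    lan_net = ipaddress.ip_network(lan_cidr)
    hits = []
    for rule in ET.fromstring(xml_text).iterfind("./filter/rule"):
        ifaces = (rule.findtext("interface") or "").split(",")
        if wg_if not in ifaces or rule.findtext("type") != "pass":
            continue
        if rule.find("disabled") is not None:
            continue  # disabled rules are not loaded into the ruleset
        if reaches_lan(rule.find("destination"), lan_net):
            hits.append(rule.findtext("descr") or "(no description)")
    return hits

if __name__ == "__main__":
    print(wg_rules_reaching_lan(SAMPLE, "opt1", "192.168.1.0/24"))
```

An empty result for the WireGuard interface matches the situation described in the reply: with no pass rule towards the LAN, traffic initiated from the tunnel side is blocked.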