Hello,
When using the old "VPN: IPsec: Tunnel Settings" each phase 1 had firewall rules created automatically in "Firewall: Rules: Interface", allowing the remote and local IPsec peers to communicate with each other.
I want to know if VPN: IPsec: Connections [new] not creating these automatic firewall rules is a design choice, or if it should happen and it just doesn't work for me.
I defaulted to recreating the IPsec rules manually and using an alias group in them for all remote IPsec peers.
I think that's a feature as people tend to complain about automatic rules.
Cheers,
Franco
Thanks for the answer.
I personally don't mind it either way. It just might surprise some people who migrate their tunnels from the old into the new GUI.
FWIW, it's documented here: https://docs.opnsense.org/manual/vpnet.html#firewall-rules
"The new connections feature does not offer this and (WAN) rules have to be specified manually in order to connect to IPsec on this host."
Cheers,
Franco
Thank you, I will search the docs next time.
No problem. We tried to make sure this is mostly covered in the docs also for the upcoming OpenVPN instances GUI. :)
Cheers,
Franco