OPNsense Forum

English Forums => Virtual private networks => Topic started by: spetrillo on July 06, 2024, 04:54:46 PM

Title: Remote Backup Across a WG VPN
Post by: spetrillo on July 06, 2024, 04:54:46 PM
Hello all,

I have a VPN rule on the receiving side that allows WG access to all internal VLANs. On the same firewall I have one VLAN on which I have purposely not set any rules, so it is isolated. It is a VLAN for storage-related items. Which rule trumps the other?

Thanks,
Steve

Title: Re: Remote Backup Across a WG VPN
Post by: Patrick M. Hausen on July 06, 2024, 05:08:36 PM
Depends on which interface (or floating) the rules are defined on and on which interface a packet we want to consider hits the firewall first.

Assuming you use "in" and "quick" rules as recommended for most cases, any packet is matched against the rules and treated as the first matching rule dictates.

Rules are applied in the order

- floating
- interface groups
- interfaces

and then from top to bottom until one matches.
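
The evaluation order described in the reply above, as an added example that is not part of the original thread and not OPNsense code: a simplified first-match model applied to the question's setup. It assumes every rule is an inbound "quick" rule, that unmatched traffic is denied, and it does not model stateful reply traffic; the interface names and subnets are constructed.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Evaluation order described in the reply above.
ORDER = {"floating": 0, "group": 1, "interface": 2}

@dataclass
class Rule:
    scope: str   # "floating", "group" or "interface"
    iface: str   # interface or group name the rule is defined on ("*" = any, floating only)
    action: str  # "pass" or "block"
    dst: str     # destination network, CIDR

def evaluate(rules, in_iface, dst_ip, groups=None):
    """First-match verdict for a new connection arriving on in_iface."""
    groups = groups or {}
    # sorted() is stable, so top-to-bottom order inside each scope is kept.
    for rule in sorted(rules, key=lambda r: ORDER[r.scope]):
        if rule.scope == "floating":
            applies = rule.iface in ("*", in_iface)
        elif rule.scope == "group":
            applies = in_iface in groups.get(rule.iface, ())
        else:
            applies = rule.iface == in_iface
        if applies and ip_address(dst_ip) in ip_network(rule.dst):
            return rule.action
    return "block"  # assumption: nothing matched, so default deny

# Constructed sample: WireGuard interface "wg0", storage VLAN "vlan30" = 10.0.30.0/24.
WG_ALLOW_ALL = Rule("interface", "wg0", "pass", "10.0.0.0/16")
BLOCK_STORAGE = Rule("floating", "wg0", "block", "10.0.30.0/24")

def demo():
    return {
        # Packet enters on wg0, so only wg0's rules are consulted: allowed.
        "wg_to_storage": evaluate([WG_ALLOW_ALL], "wg0", "10.0.30.5"),
        # Packet enters on the rule-less storage VLAN: default deny.
        "storage_to_lan": evaluate([WG_ALLOW_ALL], "vlan30", "10.0.10.5"),
        # A floating block is evaluated before the interface pass.
        "wg_to_storage_floating_block": evaluate(
            [WG_ALLOW_ALL, BLOCK_STORAGE], "wg0", "10.0.30.5"),
    }

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

In this model, leaving the storage VLAN without rules only stops connections that originate there; keeping WireGuard clients out of it requires a block rule that matches before the pass rule on the path the packet actually takes.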