Moin community,
version: OPNsense 25.1.10-amd64
We have exactly one OpenVPN [legacy] server configured and active.
After disabling and re-enabling this server all traffic had been blocked through the OpenVPN-interface.
The cause was that the interface "openvpn" had been disabled by disabling the legacy server as well.
After re-enabling the interface we have two entries "OpenVPN" under Firewall-Rules:
- One entry contains all the rules we had created as expected. (Mouse over shows: if=openvpn)
- The second entry contains only 13 automatically generated rules and is not needed. (Mouse over shows: if=opt1)
Opt1 is the "internal identifier" of the interface [openvpn].
My question:
Is there any chance to remove this new entry?
Could it be removed automatically after a restart? Even if I do not expect this :-)
Is it possible that in former versions the entry under rules had been created with "interface name" and in later versions with the "internal identifier"?
Thank you for your help and yes I've already searched the forum and other sources for a solution :-)
Dieter
You have one automatically created interface group. The rules on that apply to all OpenVPN instances you might have configured. The second entry is a manually assigned interface for that specific instance. It can be removed in Interfaces > Assignments.
Thank you Patrick for your super fast answer,
with your explanation and the knowledge, that a colleague has added an deactivated interface [OpenVPN] - that I have activated :-( - we got the second entry under rules.
After deactivating the interface [OpenVPN] again the second entry has gone.
Dieter