OPNsense Forum

Archive => 20.1 Legacy Series => Topic started by: murmelbahn on March 07, 2020, 12:35:09 pm

Title: Allow internet access only over one gateway
Post by: murmelbahn on March 07, 2020, 12:35:09 pm
Hi all,

I'm using a WireGuard VPN to Mullvad. I've configured an interface and a gateway for this. I've created a rule for an alias to use the WireGuard gateway. This works fine for me. The next step would be to deny internet access for the alias if the interface is down. I've created a second rule to deny any traffic. But this sadly doesn't work. Attached is a screenshot which shows the rules for my LAN. Maybe someone can help me to configure this correctly.

Thanks in advance!
Title: Re: Allow internet access only over one gateway
Post by: Maurice on March 08, 2020, 12:42:49 am
Try the Skip rules setting (Firewall / Settings / Advanced):
Quote
By default, when a rule has a specific gateway set, and this gateway is down, rule is created and traffic is sent to default gateway. This option overrides that behavior and the rule is not created when gateway is down

Cheers

Maurice
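
Added example (not part of the original posts and not OPNsense code): a simplified Python model of the behaviour described in the quoted help text, showing why a policy-routed pass rule followed by a block rule still lets traffic out through the default gateway unless the pass rule is skipped. The alias name `vpn_hosts`, the gateway names `WG_GW` and `WAN_GW`, and first-match rule evaluation are assumptions made for the illustration.

```python
# Simplified model of the quoted help text; names and rules are constructed.
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str                    # "pass" or "block"
    source: str                    # alias name, or "any"
    gateway: Optional[str] = None  # policy-routing gateway; None = default route

def generate_ruleset(rules, gateways_up, skip_when_down):
    """Return the rules that are effectively loaded for the current gateway state."""
    effective = []
    for r in rules:
        if r.gateway and r.gateway not in gateways_up:
            if skip_when_down:
                continue                        # option on: rule is not created
            r = Rule(r.action, r.source, None)  # default: created without gateway
        effective.append(r)
    return effective

def egress(ruleset, source, default_gw="WAN_GW"):
    """First matching rule wins (assumed). Returns the gateway used, None if blocked."""
    for r in ruleset:
        if r.source in (source, "any"):
            if r.action == "block":
                return None
            return r.gateway or default_gw
    return None  # nothing matched: default deny

# Constructed LAN rules mirroring the thread: VPN pass rule, then a deny rule.
LAN_RULES = [
    Rule("pass", "vpn_hosts", gateway="WG_GW"),
    Rule("block", "vpn_hosts"),
    Rule("pass", "any"),
]

def demo():
    """Egress of a vpn_hosts member for each (gateway up, skip option) combination."""
    results = {}
    for up in ({"WG_GW"}, set()):
        for skip in (False, True):
            ruleset = generate_ruleset(LAN_RULES, up, skip)
            results[(bool(up), skip)] = egress(ruleset, "vpn_hosts")
    return results

if __name__ == "__main__":
    for (gw_up, skip), out in demo().items():
        print(f"gateway_up={gw_up!s:5} skip_rules={skip!s:5} -> {out or 'BLOCKED'}")
```
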
Title: Re: Allow internet access only over one gateway
Post by: murmelbahn on March 08, 2020, 01:02:28 pm
Hey Maurice,

thanks for your suggestion. Sadly the behavior is still the same. When I disable the Gateway the IP is using the "real" WAN connection.

Any other tips?