OPNsense Forum
Archive => 16.7 Legacy Series => Topic started by: pbolduc on February 02, 2017, 04:45:53 pm
-
Hi there,
On a previous hardware firewall I was able to control the type of service groups (ports) that pass through my IPsec tunnels. I noticed with OPNsense that am unable to customize the firewall service groups (ports) allowed through the IPsec VPN tunnels. I am aware that I can use custom subnetting to allow access to a certain block of computers through the VPN but I would also like to define the service ports via a firewall group to apply to certain IPsec traffic. Does anyone know if this feature will be available at some point?
-
Hi,
Under Firewall: Aliases you can add Port "Groups", which you can assign from the Firewall Rules (so also for IPsec).
Cheers,
Franco
-
I should have included screenshots. Sorry to be a pest I am obviously misunderstanding the firewall policy terminology. I've attached two screenshots indicating what I mean and a third screenshot showing my pre-configured Firewall Ports group.
-
No worries, this is easy: for ports to be specified you need to select protocol TCP, UDP or both.
Cheers,
Franco
-
Thank you so much! I forgot to toggle my Protocol setting from "Any" to "TCP/UDP".