"
I'm fairly new to OPNSense and I recently configured a gateway to connect to my Mullvad VPN over wireguard.
I set up a lan alias for a certain IP range and then set rules sending that alias to the VPN gateway and blocking it from the normal gateway. So far everything works (almost) as expected.
- Anything in the designated IP range gets sent through the VPN.
- If I disable the VPN gateway, then that traffic is blocked from the regular gateway and no connections can be made.
Here's my issue. If I put my PC in the VPN range and start downloading a file, or if I'm connected to steam. Then go into OPNSense and DISABLE the VPN gateway. I can still send messages in steam and the files will keep downloading even though the VPN gateway has been disabled.
Is there a reason this happens? I'm assuming it's because the connection has already been made (new connections/dns requests fail even when the download continues.), and therefore the traffic is still getting redirected though the VPN. Is there a way to confirm that this information isn't leaking through the normal gateway? Or even better to just make all traffic stop if the gateway gets disabled?
Thanks,
I set up a lan alias for a certain IP range and then set rules sending that alias to the VPN gateway and blocking it from the normal gateway. So far everything works (almost) as expected.
- Anything in the designated IP range gets sent through the VPN.
- If I disable the VPN gateway, then that traffic is blocked from the regular gateway and no connections can be made.
Here's my issue. If I put my PC in the VPN range and start downloading a file, or if I'm connected to steam. Then go into OPNSense and DISABLE the VPN gateway. I can still send messages in steam and the files will keep downloading even though the VPN gateway has been disabled.
Is there a reason this happens? I'm assuming it's because the connection has already been made (new connections/dns requests fail even when the download continues.), and therefore the traffic is still getting redirected though the VPN. Is there a way to confirm that this information isn't leaking through the normal gateway? Or even better to just make all traffic stop if the gateway gets disabled?
Thanks,
