Author Topic: Filter over ipsec (Read 855 times)

maurotb · « **on:** March 04, 2022, 09:10:19 am »

Hi,
we have make a point to point ipsec tunnel, in my fw rule under ipsec i have an autogenerated rule "IPsec internal host to host" with all ipv4/ipv6 permit for out packet.
I put this an rule with deny ip , direction in.

Remote site cannot ping my site. ok good
Now if i ping an ip to other site, opnsense make an row in state table, now remote site from this ip can ping me.
Why?
Thanks

Author Topic: Filter over ipsec (Read 855 times)

maurotb

Filter over ipsec