VPN clients pass as "let out anything from firewall host itself"

GaardenZwerch · April 22, 2020, 11:36:56 AM

Hi,

I have an IPSec road-warrior setup, and I need to restrict what clients can access on my local Networks.
I have configured rules for that on the IPSec interface, with everything that is allowed, and a 'reject all' rule at the end.
However, my clients can access anything nevertheless and the log says "let out anything from firewall host itself" which is effectively autogenerated as a floating rule, but not labelled as 'quick'.
Where am I going wrong, or how can I solve this?

Thanks a lot in advance,
Frank

VPN clients pass as "let out anything from firewall host itself"

GaardenZwerch

April 22, 2020, 11:36:56 AM