Allow internet access only over one gateway

Started by murmelbahn, March 07, 2020, 12:35:09 PM

Hi all,

I'm using a WireGuard VPN to Mullvad. I've configured an interface and a gateway for this. I've created a rule for an alias to use the WireGuard gateway. This works fine for me. The next step would be to deny internet access for the alias if the interface is down. I've created a second rule to deny any traffic. But this sadly doesn't work. Attached is a screenshot which shows the rules for my LAN. Maybe someone can help me to configure this correctly.

Thanks in advance!

Try the Skip rules setting (Firewall / Settings / Advanced):

Quote: "By default, when a rule has a specific gateway set, and this gateway is down, rule is created and traffic is sent to default gateway. This option overrides that behavior and the rule is not created when gateway is down"

Cheers

Maurice

Hey Maurice,

Thanks for your suggestion. Sadly the behavior is still the same. When I disable the gateway, the IP is using the "real" WAN connection.

Any other tips?
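
A simplified model of the Skip rules behaviour quoted earlier in the thread, added here as an illustration (it is not OPNsense code and not from any poster). It assumes first-match rule evaluation for new connections only; the alias name vpn_hosts, the gateway name WG_MULLVAD and the three-rule LAN ruleset are constructed for the example.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Rule:
    action: str                    # "pass" or "block"
    source: str                    # alias name, or "any"
    gateway: Optional[str] = None  # policy-routing gateway; None = routing table


def effective_ruleset(rules, gateways_up, skip_rules):
    """Rules as they would be loaded for the current gateway status."""
    loaded = []
    for rule in rules:
        if rule.gateway and not gateways_up.get(rule.gateway, False):
            if skip_rules:
                continue  # option enabled: the rule is not created at all
            # default: rule is created, traffic is sent to the default gateway
            rule = Rule(rule.action, rule.source, None)
        loaded.append(rule)
    return loaded


def decide(rules, gateways_up, skip_rules, src_alias):
    """First-match evaluation of a NEW connection (existing states are not
    modelled). Returns 'blocked' or the name of the egress gateway."""
    for rule in effective_ruleset(rules, gateways_up, skip_rules):
        if rule.source in (src_alias, "any"):
            if rule.action == "block":
                return "blocked"
            return rule.gateway or "default"
    return "blocked"  # nothing matched: implicit deny


# Constructed LAN ruleset: VPN rule, block rule for the alias, general allow.
LAN_RULES = [
    Rule("pass", "vpn_hosts", gateway="WG_MULLVAD"),
    Rule("block", "vpn_hosts"),
    Rule("pass", "any"),
]

if __name__ == "__main__":
    for up in (True, False):
        for skip in (False, True):
            result = decide(LAN_RULES, {"WG_MULLVAD": up}, skip, "vpn_hosts")
            print(f"gateway_up={up} skip_rules={skip} -> {result}")
```

In this model the block rule is only reached when the gateway rule is skipped, and removing the block rule sends the alias to the general allow rule and out the default gateway even with the option enabled.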