[SOLVED] IPSec Firewall Policy Security

Started by pbolduc, February 02, 2017, 04:45:53 PM

February 02, 2017, 04:45:53 PM Last Edit: February 02, 2017, 06:39:22 PM by pbolduc
Hi there,

On a previous hardware firewall I was able to control the type of service groups (ports) that pass through my IPsec tunnels. I noticed with OPNsense that I am unable to customize the firewall service groups (ports) allowed through the IPsec VPN tunnels. I am aware that I can use custom subnetting to allow access to a certain block of computers through the VPN, but I would also like to define the service ports via a firewall group to apply to certain IPsec traffic. Does anyone know if this feature will be available at some point?

Hi,

Under Firewall: Aliases you can add Port "Groups", which you can assign from the Firewall Rules (so also for IPsec).


Cheers,
Franco

February 02, 2017, 05:57:21 PM #2 Last Edit: February 02, 2017, 06:09:40 PM by pbolduc
I should have included screenshots. Sorry to be a pest; I am obviously misunderstanding the firewall policy terminology. I've attached two screenshots indicating what I mean and a third screenshot showing my pre-configured Firewall Ports group.

No worries, this is easy: for ports to be specified you need to select protocol TCP, UDP or both.


Cheers,
Franco

Thank you so much! I forgot to toggle my Protocol setting from "Any" to "TCP/UDP".