Pass rule on LAN interface, still blocked packets

Started by Arno, December 03, 2024, 12:14:07 PM

Hi,

For one box I want internet access bypassing my VPN client to a VPN provider.
So I added the IP address to a 'NoVPN' alias.

On the LAN interface there is a pass rule:
Source: IPv4 NoVPN alias
Destination: *
(and another rule below for the same subnet to use VPN gateway)

When I search the logs using remote logging there are packets on the LAN interface that are blocked from this one box (from tcp high ports to tcp high ports).
So before going out on the internet some packets are blocked.

How is this possible?
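The following is an added example, not code from the forum thread or from OPNsense: a small Python script that reads firewall log lines, keeps only the blocked entries from one host on one interface, and sorts them by what the packet header says. The point it illustrates is that a stateful firewall evaluates its rule list only against the packet that creates a state (for TCP, the SYN); later packets of the flow are matched against the state table, so a blocked high-port-to-high-port packet without SYN from a host that has a pass rule points at a missing state rather than at the rule itself. The field layout (`F_*` indices), the host `10.0.3.25`, the interface `igb1` and all log lines are constructed assumptions for this example.

```python
"""Classify blocked filterlog-style entries for one host on one interface.

Added example, not from the forum thread. The comma-separated field layout
below is an assumption modelled on pf's filterlog output (rule number,
interface, reason, action, direction, IP version, IPv4 header fields, then
L4 fields); the sample lines are constructed, not captured from anyone's box.
"""

from collections import Counter
from typing import Dict, List, NamedTuple, Optional

# Assumed 0-based field positions in the CSV payload; only the needed ones are named.
F_INTERFACE, F_ACTION, F_DIR, F_IPVER = 4, 6, 7, 8
F_PROTO_NAME, F_SRC, F_DST, F_SPORT, F_DPORT, F_TCPFLAGS = 16, 18, 19, 20, 21, 23

EPHEMERAL_START = 1024  # "high ports" in the sense used in the thread


class Entry(NamedTuple):
    interface: str
    action: str
    direction: str
    proto: str
    src: str
    dst: str
    sport: int
    dport: int
    tcpflags: str


def parse_line(line: str) -> Optional[Entry]:
    """Parse one IPv4 TCP/UDP entry; return None for anything else."""
    parts = line.strip().split(",")
    if len(parts) <= F_DPORT or parts[F_IPVER] != "4":
        return None
    proto = parts[F_PROTO_NAME]
    if proto not in ("tcp", "udp"):
        return None
    flags = parts[F_TCPFLAGS] if proto == "tcp" and len(parts) > F_TCPFLAGS else ""
    return Entry(parts[F_INTERFACE], parts[F_ACTION], parts[F_DIR], proto,
                 parts[F_SRC], parts[F_DST], int(parts[F_SPORT]),
                 int(parts[F_DPORT]), flags)


def classify(entry: Entry) -> str:
    """Label an entry by whether it could have been evaluated against the rule list."""
    if entry.proto != "tcp":
        return "udp"
    # pf logs TCP flags as letters: S=SYN, A=ACK, F=FIN, R=RST, P=PSH.
    if "S" in entry.tcpflags and "A" not in entry.tcpflags:
        return "tcp-syn"          # first packet of a flow: the rule list was consulted
    return "tcp-mid-stream"       # no SYN: the firewall held no state for this flow


def is_high_to_high(entry: Entry) -> bool:
    """True when both ports are above the well-known range."""
    return entry.sport >= EPHEMERAL_START and entry.dport >= EPHEMERAL_START


def summarize(lines: List[str], host: str, interface: str) -> Dict[str, int]:
    """Count blocked entries from `host` on `interface`, grouped by classification."""
    counts: Counter = Counter()
    for line in lines:
        e = parse_line(line)
        if e is None or e.action != "block" or e.src != host or e.interface != interface:
            continue
        key = classify(e) + (" high->high" if is_high_to_high(e) else "")
        counts[key] += 1
    return dict(counts)


# Constructed sample lines (not real log data).
SAMPLE_LINES = [
    "9,,,1000000103,igb1,match,block,in,4,0x0,,64,12345,0,DF,6,tcp,52,10.0.3.25,203.0.113.10,51234,8443,0,PA,1,2,512,,",
    "9,,,1000000103,igb1,match,block,in,4,0x0,,64,12346,0,DF,6,tcp,60,10.0.3.25,203.0.113.10,51235,443,0,S,1,,65535,,mss",
    "7,,,1000000102,igb1,match,pass,in,4,0x0,,64,12347,0,DF,6,tcp,60,10.0.3.25,203.0.113.10,51236,443,0,S,1,,65535,,mss",
    "9,,,1000000103,igb1,match,block,in,4,0x0,,64,12348,0,DF,6,tcp,52,10.0.3.40,198.51.100.5,40000,50000,0,FA,1,2,512,,",
    "9,,,1000000103,igb1,match,block,in,4,0x0,,64,12349,0,none,17,udp,80,10.0.3.25,203.0.113.20,60001,51820,60",
    "9,,,1000000103,igb1,match,block,in,4,0x0,,64,12350,0,DF,6,tcp,52,10.0.3.25,203.0.113.30,55555,60000,0,A,1,2,512,,",
]

if __name__ == "__main__":
    for label, n in sorted(summarize(SAMPLE_LINES, "10.0.3.25", "igb1").items()):
        print(f"{n:4d}  {label}")
```

Reading the output: a `tcp-syn` block is the case where the rule list really was evaluated and no pass rule matched (rule order, or the address not being in the alias as expected). A `tcp-mid-stream high->high` block never reached the rule list at all; it is a packet of a flow the firewall has no state for, which is what to look at when the pass rule looks correct but blocks still appear.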


No. See attached image.

LAN net = subnet A
Internet = subnet A
DMZ = subnet B

The server that is blocked is in subnet C and its IP address is in the 'NoVPN' alias.
The bottom rule in the picture is for all in subnet C.
Below these rules are more rules. Packets from the server should match the NoVPN rule so I excluded them from the picture.