Topic: openVPN tunnel connects to WAN port from OPT1 - although port on WAN blocked (Read 2883 times)
chemlud
« on: May 26, 2018, 04:50:47 pm »
Hi again!
I know, this is most likely a feature, not a bug, but would book this under "unexpected behaviour", so just as a "heads up" to everybody :-)
Have an OPNsense (up to date i386 nano with LibreSSL flavour). As I use it for traveling, it has preconfigured openVPN tunnels, employing DYNDNS for the target servers running on other OPNsenses and one remaining pfsense (x64, latest updates installed).
All doing fine. Can reach the subnet I want to reach at a specific pfsense when traveling, but was really surprised that I could reach the openVPN server as well as clients in the LAN subnet
- when the OPNsense is BEHIND the pfsense, but in a different subnet (OPT1), than the subnet attached to tunnel (LAN)
- with a WAN firewall rule BLOCKING access to the specific port the openVPN server is listening.
Really a surprise to me at first sight, but then I remembered that you can reach the GUI from LAN when entering the WAN-IP in the browser (if not specifically blocked).
So the access to the specific WAN port is NOT blocked for access via this OPT1 network.
Will hopefully soon switch this remaining pfsense to OPNsense, but likely have to expect the same behaviour, as the openVPN traffic is hitting the WAN address not via the WAN interface, which has the block rule, or? :-)
« Last Edit: May 26, 2018, 04:52:48 pm by chemlud »
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare
felix eichhorns premium cat food with the extra portion of energy
A router is not a switch - A router is not a switch - A router is not a switch - A rou....
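
The behaviour described in the post above, as an added example that is not part of the original thread: a simplified Python model of how pfSense and OPNsense evaluate interface rules on the interface where a packet enters, with the first match winning. The addresses, port 1194 and the OPT1 allow-any rule are constructed assumptions.

```python
# Added illustration (not from the original thread): simplified model of
# per-interface, first-match inbound filtering on a pf-based firewall.
# All addresses, the port and both rule sets are constructed assumptions.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

WAN_ADDR = "203.0.113.10"   # constructed WAN address of the firewall
VPN_PORT = 1194             # assumed OpenVPN listener port (the post gives none)

@dataclass(frozen=True)
class Rule:
    iface: str                   # interface the rule is attached to (inbound)
    action: str                  # "pass" or "block"
    dst: str                     # destination network in CIDR form
    dport: Optional[int] = None  # None matches any port

@dataclass(frozen=True)
class Packet:
    in_iface: str
    src: str
    dst: str
    dport: int

def decide(rules, pkt):
    """First matching rule on the ingress interface wins; default is block."""
    for r in rules:
        if r.iface != pkt.in_iface:
            continue  # rules attached to other interfaces are never consulted
        if ip_address(pkt.dst) not in ip_network(r.dst):
            continue
        if r.dport is not None and r.dport != pkt.dport:
            continue
        return r.action
    return "block"

# As described in the post: the VPN port is blocked on WAN only, while OPT1
# carries an "allow to any" rule (assumed, typical for an internal network).
AS_POSTED = [
    Rule("WAN", "block", f"{WAN_ADDR}/32", VPN_PORT),
    Rule("OPT1", "pass", "0.0.0.0/0"),
]
# Hardened: the same block attached to OPT1, ahead of its allow-any rule.
HARDENED = [Rule("OPT1", "block", f"{WAN_ADDR}/32", VPN_PORT)] + AS_POSTED

from_opt1 = Packet("OPT1", "192.168.20.50", WAN_ADDR, VPN_PORT)
from_internet = Packet("WAN", "198.51.100.7", WAN_ADDR, VPN_PORT)

if __name__ == "__main__":
    for name, rules in (("as posted", AS_POSTED), ("hardened", HARDENED)):
        print(name, decide(rules, from_opt1), decide(rules, from_internet))
```

In the model, the WAN block rule only ever sees packets that arrive on WAN; a client on OPT1 addressing the WAN IP is judged by the OPT1 rules alone, so the block has to be attached there as well.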