On 07/11/2016 07:55 AM, Fredrik wrote:
My firewall rules allows for everything but when I do a traceroute from a vm to
my NAS on my lan all traffic goes trough my VPN to the public internet.
MyVM -> VPN (proxyVM) - > sys-firewall -> sys-net
tried this setup as well
MyVM -> sys-firewall -> VPN (proxyVM) -> sys-net
Then I figured outh it must be my open VPN client (proXPN) that is not
behaving. Even when I run the vpn client inside an AppVM I cant acces my LAN
and trace-route shows it is trying to find my NAS on the public internet.
So this is not a qubesOS issue. But if anyone know how to configure openVPN to
ignore LAN traffic I would appreciate it.
Openvpn will usually set a default gateway (reroute all traffic) unless
you tell it otherwise. Check out the '--route' directives and the
openvpn website for help with configuration.
Note if you don't need simultaneous access to LAN and VPN in the same
application, it may be more secure to move the LAN-based activities to
an appvm setup for that purpose. The topology would look like:
LANVM -> sys-firewall -> sys-net
MyVM -> VPN -> sys-firewall -> sys-net
Chris
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/4e9a1999-5283-1800-67a1-340a74008157%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.
