Sorry for the late answer, but thanks to all who helpped getting this working!
So to get Firewall Rules for your OpenVPN connections working, in short we did:
#1: Upgrade to 1.2.3 RC3 or newer
#2: Enter a Custom Option of dev tunX in the OpenVPN confguration
(Check the logs to find out which
Andreas Fuchs wrote:
I upgraded to 1.2.3 RC3 today.
I'm now able to crate an interface on my tun1 for the OpenVPN, after a
reboot the coneection is working.
But the filter rules don't work.
Based on the description i set the interface to a bridging interface to
my LAN, but that way the
Hi all
We have several Road Warrior stile open VPN Users. Today they are
directly routed to the LAN interface without any Filter Rules.
New security policies request that we restrict some of the OpenVPN Users.
It's a bit unclear to me how this can be done.
- Based on their CN we assign them
We have several Road Warrior stile open VPN Users. Today they are
directly routed to the LAN interface without any Filter Rules.
New security policies request that we restrict some of the OpenVPN Users.
It's a bit unclear to me how this can be done.
Create an OPT interface (do not assign this to
Hi Joseph
Thans for the fast reply, i think i undertand the idea, but:
How can i create an OPT interface assigned to a tun interface?
If i do: Interfaces - assign - add interface i can create an OPT
interface, but i the dropdown i have my phisical interfaces an a plip0
What am i doing wrong?
How can i create an OPT interface assigned to a tun interface?
I knew that reply I wrote was a bit sloppy:)
Make the OpenVPN config first specifying the Custom Opt as tun0.
Save it.
Then go back to your Interface Assignments and the Network port
selection will now have a tun0 interface.
jlc
Thats what i tryed before asking :-) and it was not working
But now i saw this in the pfsense doc:
/Filtering OpenVPN Traffic/
/As of pfSense 1.2.3-RC1 and newer, you can filter incoming OpenVPN
traffic. To do so, browse to Interfaces - Assign and assign the
appropriate tun interface to an
On Wed, Oct 14, 2009 at 2:01 PM, Andreas Fuchs f...@tcnet.ch wrote:
i'm running on 1.2.2, might this be my problem? as it is a production
environment i don't think it's smart to upgrade to 1.2.3-RC3
Yes that's your problem, and it's fine to upgrade to RC3, the final release
won't be much