After using the OPNsense firewall for a while to tunnel my traffic through a VPN directly at the network infrastructure level, I'm really satisfied with the experience, but while monitoring the firewall traffic I discovered that traffic leaks in some cases.

VPN traffic should go to the VPN interface, but I found traffic on the WAN interface that originated from the LAN and was meant for the VPN, and the firewall passed it, which caused the leak.

In this article I will explain the configuration that prevents such a leak on OPNsense. To prevent the leak, I configured the firewall rules to drop any VPN traffic that escapes to the WAN interface: I tag the VPN traffic in the network, and on the WAN I check the traffic tag. If the traffic is VPN traffic, the firewall drops it.

Go to the rule you created in the LAN Rules section that redirects LAN traffic to the VPN tunnel and press Edit.

Go to Advanced Options -> Set Local Tag and enter this value: NO_WAN_EGRESS.
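The tagging scheme described above, written as the underlying pf rules. This is an added example, not configuration from the original article or output generated by OPNsense; the interface names, LAN subnet and VPN gateway address are assumptions, and only the tag name NO_WAN_EGRESS comes from the article.

```pf
# Constructed values (assumptions, not from the article):
lan_if  = "igb1"            # LAN interface
wan_if  = "igb0"            # WAN interface
vpn_if  = "ovpnc1"          # VPN tunnel interface
vpn_gw  = "10.8.0.1"        # VPN gateway address
lan_net = "192.168.1.0/24"  # LAN subnet

# Before: LAN traffic is policy-routed to the VPN but carries no marker.
# If one of these packets leaves through WAN instead, no WAN rule can
# tell it apart from traffic that is allowed to use WAN.
# pass in quick on $lan_if route-to ($vpn_if $vpn_gw) inet from $lan_net to any keep state

# After, LAN side: the same redirect rule, now tagging every packet it
# matches. The tag stays attached to the packet while it is filtered
# on the outgoing interface.
pass in quick on $lan_if route-to ($vpn_if $vpn_gw) inet from $lan_net to any tag NO_WAN_EGRESS keep state

# After, WAN side: drop any outbound packet that carries the tag.
# This rule must be evaluated before any "pass out" rule on $wan_if,
# otherwise a quick pass rule would win first.
block out quick on $wan_if tagged NO_WAN_EGRESS
```

On a running firewall, `pfctl -sr | grep NO_WAN_EGRESS` lists the loaded rules that set or match the tag, which confirms that both halves of the scheme are active.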