Good evening to everyone,
I have several active VPN tunnels; they all point to a server I have in the company.
I would like the basic services to pass (TCP 80, 3306, 5900), but I would like to avoid all the rest of the traffic.
I'm trying various rules, but I cannot stop anything.
I've created this specific rule, but it continues to pass everything, from ping to web traffic.
In the object elementary I have inserted the IP 192.168.1.210 (local).
In the object nasvpn3 I have inserted the IP 192.168.3.100 (remote VPN).
I have tried moving it to the top or bottom of the list, but nothing.
The external IP block worked perfectly, but with hosts or networks in the VPN I cannot.
Yes @mrmarkuz, I know that there is the vpn role; I tried in the past to create the rules, allowing safe traffic first and then blocking everything that comes from the VPN.
And anyway, I have some tunnels where I want to limit the services even more, and I will add others with time.
I do not want to publish MySQL on all tunnels; in this case it makes no distinction.
But above all, so I also block the ping! That would be handy for me to have.