Bug #13230 (closed)
Floating rules on VPN interfaces
Status: Not a Bug
Priority: Normal
Assignee: -
Category: Rules / NAT
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes: Default
Affected Version:
Affected Architecture:
Description
With floating rules on OpenVPN and WireGuard interfaces, matching traffic doesn’t seem to return with rules that pass traffic in the out direction. My VPN works as expected without a floating rule added (allowing pfSense to use its default pass rules for outbound traffic), but if I add a floating rule passing the IPs I want to pass or any traffic in the out direction, it fails to return.
I only have a small block of IPs that exit, so to get around the problem, rather than passing the block of IPs I want to allow and blocking everything else, I’m blocking not (!) the block of IPs I want to exit so that I don’t have to create a pass rule.
I tried changing the state type to “Sloppy” but I still had the same issue.