Feature #2057

Ability to disable the auto-added "Negate policy routing" for VPNs

Added by Chris Buechler over 2 years ago. Updated about 2 years ago.

Status:Resolved Start date:12/20/2011
Priority:High Due date:
Assignee:Seth Mos % Done:

100%

Category:Rules/NAT
Target version:2.1 Estimated time:1.00 hour
Affected version:2.0 Affected Architecture:All

Description

The default of automatically negating policy routing for VPNs is sane by default, however there are some scenarios, like using gateway groups for failover of VPNs to another router, where that rule has to be disabled so you can policy route traffic. Need a checkbox under System>Advanced to disable adding that rule (rule under comment "negate VPN/PPTP/PPPoE networks for load balancer/gateway rules" in filter.inc).

Associated revisions

Revision dd72c418
Added by Seth Mos over 2 years ago

Add a checkbox that disabled automatically generates negate rules for directly connected networks and VPNs
Ticket #2057 in redmine

Revision 9ae39b01
Added by Seth Mos over 2 years ago

Add a checkbox that disabled automatically generates negate rules for directly connected networks and VPNs
Ticket #2057 in redmine

Revision 4d6f1fdd
Added by Seth Mos over 2 years ago

Add a checkbox that disabled automatically generates negate rules for directly connected networks and VPNs
Ticket #2057 in redmine

History

#1 Updated by Seth Mos over 2 years ago

  • Assignee set to Seth Mos
  • Estimated time set to 1.00
  • Affected Architecture set to All

Will add a knob on the advanced page as soon as possible. Not clear if you want to have this in 2.0.1

#2 Updated by Seth Mos over 2 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100

Added a global disable knob on systems advanced firewall.
Tested on 2.0.1

#3 Updated by Chris Buechler about 2 years ago

  • Status changed from Feedback to Resolved
  • Target version set to 2.1

Also available in: Atom PDF