VPN and Firewall
I have wireguard VPN server on my router.
I have peer for this VPN and his IP address 10.10.100.2
How can i say in firewall that this ip 100.2 can connect to host in VLAN10, but cant to other host VLAN20?
Or i cant?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Thanks a lot for answer. Sorry if im in wrong place.
I tried Firewall - AccessControl. I created rule which says "No acces from Vlan10 to Vlan20" and it worked perfectly.
But when i tried to create vlan100 (cos its working with NETs, if you choosing LAN -> LAN) with this IP 10.10.100.2 and tell them "deny from 10.10.100.2 to VLAN10" - nothing happened. Im connecting to VPN and still can use vlan10 hosts. So looks like i need to do something to put my VPN wireguard in 100 VLAN? But how?
I dont see interfaces like WG0 in GUI, but i see it in Zabbix.
I beleave im loosing something...
- Copy Link
- Report Inappropriate Content
Hi @XoXa
Thanks for posting in our business forum.
XoXa wrote
Thanks a lot for answer. Sorry if im in wrong place.
I tried Firewall - AccessControl. I created rule which says "No acces from Vlan10 to Vlan20" and it worked perfectly.
But when i tried to create vlan100 (cos its working with NETs, if you choosing LAN -> LAN) with this IP 10.10.100.2 and tell them "deny from 10.10.100.2 to VLAN10" - nothing happened. Im connecting to VPN and still can use vlan10 hosts. So looks like i need to do something to put my VPN wireguard in 100 VLAN? But how?
I dont see interfaces like WG0 in GUI, but i see it in Zabbix.
I beleave im loosing something...
Thinks this is a missing feature with the IP as Source. IP-Port and IP group are not available on the Omada router.
But no worries, this has been submitted and your request will be logged as well.
- Copy Link
- Report Inappropriate Content
Which source can be used to control vpn-peer routing?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 502
Replies: 4
Voters 0
No one has voted for it yet.