VPN: Bind Rules to Tunnel
It would be great if I could bind Firewall rules/ Network definitions to IPsec Tunnels.
Now if i have a Rule like:
Client_Network -> Web Browsing -> Internet IPv4 -> Allow
This means that clients can browse through the VPN tunnel as well, beause the Tunnel is bound to the EXT Interface too.
Now, I can make the necessary deny Rule and place it before the allow Rule, but this is cumbersome and not ideal.
The simplest way would be that VPN Tunnels are handled as separate physical interfaces and can be bound as such..
Bob Alfson commented
The Packet Filter rule you give does not affect traffic through a VPN tunnel. If you have an issue you need help with, you can ask questions on the User BB: http://www.astaro.org/
Cheers - Bob