Stop unrequested incoming VPN traffic

How do I stop the VPN server from initiating requests and accessing my network? I am also looking for any security recommendations for a VPN client. At a minimum, I would like to:

  1. Stop new incoming connections from the VPN server but still allow the server to respond to client-side requests.
  2. Stop the VPN server from accessing anything on the client network.
  3. Any other relevant firewall settings or configurations for a VPN client I should think about?

You should easily be able to achieve the first two objectives by putting the VPN client interface into the wan firewall zone.


If tun0 is the name of the zone which includes the VPN client, then you only need to remove the wan zone from forwardings.
One more thing, you probably don't need to masquerade the VPN zone, which seems to be a server for accessing your home network from outside.


@trendy I have no home VPN server. I have a subnet of VPN clients (192.168.3.0/24). This is the only subnet that can use the VPN remote server.

Thanks for the clarification, you don't need the masquerade on that zone.


Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

cat /etc/config/network
cat /etc/config/firewall
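
The zone and forwarding advice in the replies above can be checked against the output of `cat /etc/config/firewall`. The following is an added example, not code from the thread or from OpenWrt: it flags a zone containing the VPN client interface whose input or forward policy is not REJECT/DROP, and any forwarding that has that zone as its source. The interface name `vpnclient` and both sample configs are constructed assumptions.

```python
import shlex

# Constructed sample configs; 'vpnclient' is an assumed interface name.
WEAK = """config zone
    option name 'vpn'
    list network 'vpnclient'
    option input 'ACCEPT'
    option forward 'ACCEPT'
config forwarding
    option src 'vpn'
    option dest 'lan'
"""
HARDENED = """config zone
    option name 'wan'
    option network 'wan wan6 vpnclient'
    option input 'REJECT'
    option forward 'REJECT'
config forwarding
    option src 'lan'
    option dest 'wan'
"""

def parse_uci(text):
    """Parse UCI text into [(type, {option: [values]})]; 'list' entries and
    space-separated 'option' values both become lists."""
    sections = []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)
        if tok[:1] == ["config"] and len(tok) >= 2:
            sections.append((tok[1], {}))
        elif tok[:1] in (["option"], ["list"]) and sections and len(tok) >= 3:
            sections[-1][1].setdefault(tok[1], []).extend(tok[2].split())
    return sections

def first(opts, key):
    return (opts.get(key) or ["UNSET"])[0]

def audit_vpn_zone(text, vpn_net):
    """List settings that let the VPN side open connections to the router or
    to another zone. Unset policies are flagged rather than guessed."""
    sections = parse_uci(text)
    zone = next((o for t, o in sections
                 if t == "zone" and vpn_net in o.get("network", [])), None)
    if zone is None:
        return [f"network {vpn_net} is in no zone"]
    name = first(zone, "name")
    findings = [f"zone {name}: {c} is {first(zone, c)}" for c in ("input", "forward")
                if first(zone, c).upper() not in ("REJECT", "DROP")]
    findings += [f"forwarding {name} -> {first(o, 'dest')}" for t, o in sections
                 if t == "forwarding" and first(o, "src") == name]
    return findings
```

An empty result for `audit_vpn_zone(HARDENED, "vpnclient")` means the VPN side cannot open new connections inward, while replies to connections the clients started still pass because the firewall tracks connection state.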
