I am having a problem blocking SSL VPN access to my XG WAN from the LAN. To clarify, I am trying to block local access to the XG SSL VPN rather than a VPN on the Internet.
I have a policy from LAN, LAN Network (192.168.1.0/24) to WAN, both static IPs, service UDP 443.
This works for WAN 1 which is DHCP assigned from a fibre router. But, it doesn’t work for WAN 2 which a PPPoE connection via an ADSL modem.
The OpenVPN client times out connecting to WAN 1 and I can see the expected log entries. This is good. When the client switches to the backup, WAN 2, the XG lets the packets through and the client connects.
I suspect that the problem has something to do with the fact that my backup public IP is assigned to WAN 2 directly.
Can anyone suggest a procedure to block LAN clients from accessing a VPN on a WAN interface.
Thanks!
This thread was automatically locked due to age.
