I have the "Essentials Firewall" installed in a test environment, and I'm able to PPTP to the network and access internal resources OK, but my real issue is that I'd like to limit what that VPN connection accesses.
I've created rules:
PPTP VPN Pool --> Specific Internal address ALLOW
PPTP VPN Pool --> All other Internal address DROP
I've put those rules at the top but it doesn't seem to have an effect. I can still access everything internally. I'm testing this by sending a ping to two different addresses (the one I want to hit and a test one I want blocked). The ping won't go through at all until I check "Allow ICMP through Gateway" in the firewall config section. So the odd thing is:
1. If I don't have the above rules enabled and I don't have the ICMP check box checked, then no pings get through and the live log shows an Automatic Drop.
2. If I have the rules enabled and still don't have the check box checked, then the log shows that my 2nd rule (the dropping rule) is the cause of the dropped pings...even to the address that's supposed to be allowed. No pings get through.
3. If I have the rules disabled but the ICMP box checked then I can ping any internal address and the log shows nothing...even when I have logging turned on.
What rules are being used for those VPN connections and how can I limit internal access from the VPN pool? I was hoping it was as simple as the rules I created above.