[ previous ] [ next ] [ threads ]
 
 From:  "Seth Martin" <SethM at turbinegenerator dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Blocking Outgoing VPN Access
 Date:  Tue, 11 Oct 2005 15:52:37 -0400
Are you making sure your rules are in the proper order?  If you have an
Allow ALL to ALL rule first then it'll ignore everything else.

 

  _____  

From: Jim Naslund [mailto:jnaslund at gmail dot com] 
Sent: Tuesday, October 11, 2005 3:37 PM
To: Seth Martin
Subject: Re: [m0n0wall] Blocking Outgoing VPN Access

 

I actually tried to do that by adding a rule that blocked anything with
the destination ip address of the vpn server on the LAN interface
and for some reason it still go through.  Is that the right way to block
a specific ip address?

Thanks,
Jim

On 10/11/05, Seth Martin <SethM at turbinegenerator dot com> wrote:

Well if it's the same VPN server you could just block all traffic to the
specific IP.

-----Original Message-----
From: Jim Naslund [mailto:jnaslund at gmail dot com]
Sent: Tuesday, October 11, 2005 9:16 AM 
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Blocking Outgoing VPN Access

Hi,

I'm trying to block VPN access from my network because people are
connecting to a nearby campus with VPN and downloading 
through direct connect that way. I made a firewall rule that rejected
UDP
packets destined for port 500 but this did not prevent access.
The VPN connection I'm trying to block uses IPSec. Any suggestions?

Jim


---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch