I have a working configuration, but a question is bugging me.
The question centers around having multiple subnets on a single
OpenVPN Server LAN IP: 10.10.10.250
OpenVPN Server virtual subnet: 10.11.10.0/24
LAN Static Route: (NET) 10.11.10.0/24 (GW) 10.10.10.250
With the Advanced option "Bypass firewall rules for traffic on the
same interface" checked, everything works as expected.
But if I uncheck "Bypass firewall rules..." and start a UDP or TCP
session from the 10.11.10.0 net to the 10.10.10.0 net, the forward
path works, but the return path is blocked in m0n0wall. Even with
LAN Firewall Rules:
"Pass" any LAN-subnet to any/any
"Pass" any OpenVPN-subnet to any/any
The return (destination 10.11.10.XX) is always blocked in m0n0wall
(per firewall logging).
I am quite satisfied keeping "Bypass firewall rules..." checked, but
I want to understand why m0n0wall is dropping LAN subnet1 to LAN
subnet2 traffic in the firewall.