Hello J65nko
I have realized my error (I think)
Since I am not actually hosting the VPN on the OpenBSD box the traffic coming to it is not actually "VPN" but standard traffic at that point. I added a rule to permit the IP address block for the VPN users and traffic flowed.
I am curious if this is the best way to do this. IF someone where somehow able to "spoof" the source IP of the VPN traffic would they be permitted in then?
My network looks something like this:
[firewall w/ VPN] <--> [OpenBSD FW] <-> rest of network
Thanks
|