VPN clients not in device list

Comments

12 comments

  • Avatar
    Firewalla

    Do you mean you list out all of the VPN connections to the VPN server inside firewalla?

    0
    Comment actions Permalink
  • Avatar
    Lance W

    I believe that is what he means.  I was wondering the same thing.  It would be nice to see devices that are connected thru the VPN.  Either under "Devices" or maybe under "VPN Server" would make more sense.  As long as it is clear that it isn't a local network device and it is connected thru VPN.

    0
    Comment actions Permalink
  • Avatar
    Björn Boot

    A VPN client is another device on the local network so I would have expected it to be listed under the devices overview. See below. Maybe easy accomplished by bridging VPN TUNx with overlay ETHx and use DHCP from local network instead of separate IP range for VPN. I am in DHCP mode on firewalla.

     

     

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    VPN Client really it is not a device, it is more of a subnet and also a default route to that subnet.   We will likely to abstract this a bit more in the future.   And which devices talking to that subnet is configured under the VPN client scope. 

    0
    Comment actions Permalink
  • Avatar
    Björn Boot

    In my case it is another device that connects using a vpn client over 4g internet to firewalla vpn server. All further communication from the 4g device is routed over my home internet out. In that example i want it to show up under the devices list as another device being monitored by firewalla.

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    Okay, noted;  will let the engineers know.  

    1
    Comment actions Permalink
  • Avatar
    Sheamus Burns

    jumping back into this thread -- Just started playing with the firewally gold VPN features, and I'm curious -- with the gold is it possible to ssh into the openVPN server on the firewalla and view its subnet/ connected devices? 

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Yes, you can.  

    the vpn logs are /var/logs

     

    1
    Comment actions Permalink
  • Avatar
    Sheamus Burns

    thanks for the quick response!
    Side question -- are some logs not persisted between reboots of the box itself? I'm not seeing anything in some of those logs from before I had to reboot about an hour ago, but I imagine there would be entries from earlier in the day, when I started messing with the vpn.

     

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    You shouldn't count on any logs be persistent across reboots. (I think the ones that persist are in /var/log)

    0
    Comment actions Permalink
  • Avatar
    Jon Phan

    I am newbie with Firewalla and recently have a need to use the VPN Server (OpenVPN) function.  All works well but I cannot find a way to monitor devices that connect to my VPN server.  So technically anyone who obtained my VPN server profile can connect to my FWG and I have no way of knowing whether or not they are authorized devices.  This is a security risk.

    My questions are: 

    1. Is there a way the I can detect and monitor VPN connected devices?
    2. I find a group call OPEN-VPN in the Firewalla app and I can apply rules to it but I cannot see any devices in it, even though I have active VPN connections.   Is this normal?

    Please advise...

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    You need to be on wireguard VPN and 1.973 https://help.firewalla.com/hc/en-us/articles/4403336151827-Firewalla-Box-Release-1-973-App-Release-1-47

    On OpenVPN, we still monitor the connection, just can't distinguish what device is what. 

    0
    Comment actions Permalink

Please sign in to leave a comment.