Results 1 to 2 of 2
  1. #1
    Newbie
    Join Date
    Oct 2020
    Posts
    2

    Default Rules behaving unexpectedly

    Pursuant to the New User Guidelines, I will ask my question up front and then provide as much detail as possible. I apologize in advance if I fail to strictly follow those guidelines.

    Question:
    What could I possibly be doing wrong to cause the simple VPN Tunnel rules I've put in place to behave unexpectedly, what could I do differently to prevent that?

    Supporting details:
    I'm running v16.01 of NG FW on an i7 7500u mini-pc that generally has a CPU load of about .1-.2 and around 28 gigs of free physical ram.

    I have 3 commercial VPN tunnels configured in the Tunnel VPN app: 1 using NordVPN and two using ExpressVPN. All three are functioning and accepting traffic. The reason I have two instances of Express is that I seem to get much better throughput if I assign one of the two NNTP servers I subscribe to to each instead of all NNTP traffic going over one connection. I'm not sure what that is, but that's not the issue.

    I have these rules set up to do the VPN routing. 80/443 is routed to Nord with some exceptions. Sessions tagged as nntp go to one Express tunnel and those tagged nntp2 are directed to the 2nd Express tunnel.

    rules.PNG

    The trigger for one server is:
    nntp tag.PNG

    The trigger for the other server is:
    super tag.PNG

    When I looked at the active sessions, I saw a bunch of traffic other than what was defined in the triggers and rules being directed to the Express tunnels:
    sessions.PNG

    Here is detail on one such session:
    avast.PNG


    I've read other forum postings mentioned other instances unexpected vpn routing but those weren't resolved.

    If anyone has any ideas, I'd appreciate it. If I need to provide more information, I'd be happy to do that.

    Thanks,
    John

  2. #2
    Newbie
    Join Date
    Oct 2020
    Posts
    2

    Default

    Oops. I misunderstood how the client tagging works. Sorry about that. If I just use vpn rules of the nntp server IPs it works right. Reading is fundamental.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2