I recently got a UDM Pro and I currently have my Mullvad VPN running on it, and all traffic through a VM on my server goes through that. However, I'd like a kill switch by not letting it go through the default interface if the VPN goes down. I had the VPN running on the VM and had a kill switch through the firewall, but it being on the VPN doesn't allow me to reach the VM when I remote into my home network. Any ideas on how I can accomplish this?
The configuration is just modem into UDM Pro, into switch, and then a server that hosts some VMs, and one of those VMs needs its traffic to go through Mullvad and Mullvad only.
Does specifying the VPN as the WAN interface for a port fail over to the other WAN if the VPN is closed?
Firewall rule blocking all outbound apart from DNS and VPN protocols would do this I think. Then set a traffic rule for the client network and only traffic that exits via the VPN tunnel would be allowed outbound.
From what I understand, you can't specify the VPN to a port, only networks, so I'd have to do some stuff with VLANs, which I couldn't get to work. Not that I'm any good at it. But with the current configuration and specifying traffic to a specific machine through the VPN, it does fail over to the default network.
I’m not sure how I would do this, it didn’t seem like I could make a firewall rule like that in the settings.