Hello,

I created a bridge called "ovpn" which includes the ovpn interfaces "ovpn-in1" to "ovpn-in4" (my ovpn server on the RB offers up to 4 clients a connections to the RB). Because it is not possible to add dynamic interfaces (which are not running all the time) to firewall rules, I tried to solve it with a bridge.
Moreover, when two connections are running and a thid client tries to connect a new dynamically ovpn interface will be created - so it is not possible to set firewall rules for these interfaces.

When I add the same rule with "ovpn-in1" interface instead of "ovpn" (bridged ovpn ports) the rule works but when I replace the "ovpn-in1" interface with the "ovpn" (interfaces ovpn-in1, ovpn-in2, ovpn-in3, ovpn-in4) the rule does not work and the traffic between the ovpn interfaces and the LAN_Buero bridge will not be forwarded.

Is this a bug in ROS 6.42?

Is there any solution for this problem?

Why for every client will be created a seperated ovpn interface? OpenVPN on Linux systems does not have the same behavior.

Thanks, very much.

Create an interface list and make oven-in1, etc as a member of this, then use in-interface-list=ovpn in firewall rules

Thanks, it works.