Hello, we have successfully configured an IPSec VPN connection between two Teltonika routers. Now we have the task to allow traffic from one network into the other, but not the other way round. I understand the IPSec VPN has no extra zone, so I tried to achieve this with the "leftfirewall" and "rightfirewall" settings, but it seems not to do what we need - or we could not figure out which combination of firewall settings in the IPSec dialog is correct.
What we want to achieve is:
lan a -> ROUTER A -> VPN -> ROUTER B - lan b : OK (maybe limited by destination ports)
lan b -> ROUTER B -> VPN -> ROUTER A - lan a : REJECT
How can we achieve this behavior? I would also use the custom IPTABLES rules, but I would need an example for a script then.
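
One way to express the one-way policy asked about above with custom iptables rules, as an added example that is not part of the original post and not Teltonika's own configuration: the script prints the commands for each router so they can be reviewed first. Assumptions: the subnets, port list and chain names are constructed, the routers' iptables has the `policy`, `conntrack` and `multiport` matches, and no earlier FORWARD rule already accepts the tunnel traffic.

```shell
#!/bin/sh
# Added example: emit iptables commands for a one-way policy across an IPsec tunnel.
# All values below are constructed sample values, not taken from the original post.
LAN_A="192.168.1.0/24"      # assumed: network allowed to initiate connections
LAN_B="192.168.2.0/24"      # assumed: network that may only send replies
ALLOWED_TCP_PORTS="22,443"  # assumed: destination ports lan a may reach in lan b

# gen_rules A|B : print the commands to run on router A or router B.
gen_rules() {
    case "$1" in
    A)  # Router A: packets decapsulated from the tunnel, lan b -> lan a.
        # Replies to connections opened from lan a pass; anything new is rejected.
        cat <<EOF
iptables -N vpn_b_to_a
iptables -A vpn_b_to_a -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A vpn_b_to_a -j REJECT
iptables -I FORWARD 1 -s $LAN_B -d $LAN_A -m policy --dir in --pol ipsec -j vpn_b_to_a
EOF
        ;;
    B)  # Router B: packets decapsulated from the tunnel, lan a -> lan b.
        # New connections are limited to the listed TCP destination ports.
        cat <<EOF
iptables -N vpn_a_to_b
iptables -A vpn_a_to_b -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A vpn_a_to_b -p tcp -m multiport --dports $ALLOWED_TCP_PORTS -m conntrack --ctstate NEW -j ACCEPT
iptables -A vpn_a_to_b -j REJECT
iptables -I FORWARD 1 -s $LAN_A -d $LAN_B -m policy --dir in --pol ipsec -j vpn_a_to_b
EOF
        ;;
    *)  echo "usage: gen_rules A|B" >&2
        return 1
        ;;
    esac
}

# Print the rules for the router named on the command line (default: A).
gen_rules "${1:-A}"
```

The `-m policy --dir in --pol ipsec` match restricts each rule to packets that arrived through the tunnel, so ordinary WAN or LAN forwarding is not affected.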