Hallo
I set up openvpn and haporoxy on the pfsense close to the toturials, so there are the rules for VPN on the WAN interface and the rule for haproxy and it works fine.
Now I add pfblockerng, because I don’t want the hole world to see that there is a https service (haproxy) on my WAN adress, that works fine after setting up geo blocking (from my country I can access https, from all other not), but it blocks my VPN access as well, because the pfblocvkerng rules are in front of the passing rule for the VPN.
On my understandig floating rule are processed befor Interface rules, so I moved the VPN pass rule on the WAN to the floating rules but it still blocks the VPN from outside of my country. When I turn of the pfblocker rules the floating rule for the VPN works so it should be not the passing rule for the VPN itself.
My target is to have VPN from everywhere, then block all other by goe IP, and only from the countries I want allow access to https (haproxy)
Floating rules
WAN rules
