Strange forwarding on RED interface

Hi!
In my firewall log I see


Both addresses are from the green LAN.
172.17.8.135 is given out by the DHCP service of a wireless access point, but 90.90.94.87 is given out by IPFire's DHCP service through another wireless access point. What conclusions should I draw about network problems from such a record?

90.90.94.87 isn't a private IP, but a public IP of France's Orange Telecom.
Therefore it should not belong to the green network. I think the FORWARDFW log entry shows some problems in the network configuration, physical and/or logical.

3 Likes

I know about the French addresses, but we have had them internally for the second decade, since the days when they were so-called gray addresses and were allowed as private. And since we don't use any internet resources on the relevant Orange Telecom network now, we have had no problems so far, unless the latest versions of IPFire have hard-coded restrictions on internal network addresses. In addition, this situation confuses hackers if they somehow find out one of our internal addresses, because they also think that it is an Orange Telecom address.

Have you added the other subnet manually to your green interface? If not, IPFire will route traffic to the default gateway, which is red.

1 Like
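
The routing point raised in the replies above, as an added example that is not part of the original thread: a longest-prefix-match lookup showing why a destination outside RFC 1918 leaves via the default route unless a more specific route exists. The subnets and routing tables are constructed assumptions (the thread does not give them); `green0` and `red0` are IPFire's interface names.

```python
import ipaddress

# RFC 1918 private ranges; anything else is publicly routable address space.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    """True if addr falls inside one of the RFC 1918 private ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def egress_interface(addr, routes):
    """Longest-prefix match: interface of the most specific matching route."""
    ip = ipaddress.ip_address(addr)
    matches = []
    for prefix, iface in routes:
        net = ipaddress.ip_network(prefix)
        if ip in net:
            matches.append((net.prefixlen, iface))
    if not matches:
        return None  # no route at all, not even a default
    return max(matches)[1]

# Constructed routing tables (assumed prefixes, not taken from the thread).
# Only the directly attached green subnet plus the default route via red:
ROUTES_DEFAULT = [
    ("0.0.0.0/0", "red0"),
    ("172.17.18.0/24", "green0"),
]
# Same table after the second internal subnet is added on green:
ROUTES_WITH_EXTRA = ROUTES_DEFAULT + [("90.90.94.0/24", "green0")]

def report(addr):
    """Summarise address class and egress interface under both tables."""
    return {
        "address": addr,
        "rfc1918": is_rfc1918(addr),
        "egress_default_table": egress_interface(addr, ROUTES_DEFAULT),
        "egress_with_extra_route": egress_interface(addr, ROUTES_WITH_EXTRA),
    }

if __name__ == "__main__":
    for a in ("90.90.94.87", "172.17.18.135"):
        print(report(a))
```
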

My mistake - 172.17.8.135 really was an outside (internet) address from a VPN connection. I confused it with my green LAN 172.17.18.135. But it's also not clear why the originally mentioned entry only appeared once in the logs, even though the VPN is running 24/7.