Routing a single VLAN to a VPN

viragomann

@04cc40 said in Routing a single VLAN to a VPN:

The problem is the other way around, all my VLANS are going out through the VPN when I want only a specific VLAN to be tunneled.

Yes, I noticed that. But this makes no sense to me. This sign indicate the actual default gateway:

So if this is next to the WAN gateway, I expect that the traffic goes out to WAN.
Below you can select the default gateway manually. But as this is also in automatic mode, it shouldn't use the VPN.

04CC40

@viragomann I am partially glad this makes no sense to someone else.

I have changed the order of the rules and the problem persists. For example VLAN_30 is supposed to be a clearnet and is not specified to be tunneled through the VPN_WAN gateway:

Screenshot at 2023-03-14 18-04-12.png

VPN connection is established:

Screenshot at 2023-03-14 18-07-18.png

My computer is connected to an SSID assigned to VLAN_30 and is being assigned an IP within that subnet:

Screenshot from 2023-03-14 18-15-15.png

But still, my public IP is one linked to the VPN (PIA Atlanta server in Georgia) :

Screenshot from 2023-03-14 18-16-24.png

mcury

@04cc40 Is this ticked in your pfsense openvpn client configuration?

04CC40

@mcury

Checked.

Screenshot at 2023-03-14 19-01-54.png

Bob.Dig

@04cc40 Then you may have a mess in Outbound NAT I guess.

JKnott

@04cc40 said in Routing a single VLAN to a VPN:

My problem is that I want only a specific VLAN to pass through the VPN

You don't pass a VLAN through a VPN, you route the subnet.

04CC40

@jknott

Sorry I "misspoke".

04CC40

@bob-dig

I decided to reset the appliance and redo all the config. It seems to be working as expected now, but I guess I'll never know where I f'ed up the first time.

I.T._Lee

I found this walk-through by Lawrence at Lawrence Systems. Goes through the setup of exactly what you want to achieve and explains why settings should be where they are and what simple mistakes can catch you out. I know you have it working now but it may help you to discover what the error was or it could help someone with the same problem in the future:

https://youtu.be/ulRgecz0UsQ

04CC40

@i-t-_lee Thanks. I actually switched to pfSense around 3 years ago because of his channel. I also switched to Unifi switches and AP's because of him. I did follow the nguvu guide because I'd rather be reading than pause-playing a video on YT, but you're right, his channel is a great resource.