Static route to LAN destination
-
I am trying to create a static route towards a local machine. The reason why I'm doing this is because the destination machine is both hosting the OpenVPN server and VPN client connection. Back in pF 1.2.3 I can create it manually through the static route page but now that is missing in 2.0 RC3 :-\ any heads up ?
-
System > Routing. Add a gateway (the IP of the VPN router), then go to the routes tab and add a static route using that gateway.
-
System > Routing. Add a gateway (the IP of the VPN router), then go to the routes tab and add a static route using that gateway.
adding a static route through the routes tab did not work.. clients behind pfsense still could not reach the VPN subnet
however adding a firewall rule to pass all VPN subnet to the VPN gateway did work.. :-\ -
i've tried just adding a static route mapped to that gateway but the LAN clients still went through the WAN interface instead .. am I missing anything ? :-\ ???
-
i've tried just adding a static route mapped to that gateway but the LAN clients still went through the WAN interface instead .. am I missing anything ? :-\ ???
Let me guess… you're using multi-wan?
http://doc.pfsense.org/index.php/Multi-WAN_2.0#Policy_Route_Negation
-
i've tried just adding a static route mapped to that gateway but the LAN clients still went through the WAN interface instead .. am I missing anything ? :-\ ???
Let me guess… you're using multi-wan?
http://doc.pfsense.org/index.php/Multi-WAN_2.0#Policy_Route_Negation
yes I am on a multi-wan setup
-
Then read the link I provided and add some policy route negation rules for local networks.
-
Then read the link I provided and add some policy route negation rules for local networks.
yeah I've done it and it seems to be working now :)
however I am encountering another issue though.. I have a VPN connection to my office network that is on the 192.168.0.0/19 segment and I have another site to site VPN connection to the remote site segment that is on 192.168.90.0/24.. the connection to the 192.168.90.0/24 segment tends to break often and I do have a feeling that it is going across the wrong path :-\
