Route all traffic through VPN (with some exceptions)
-
Currently, I have a site-to-site OpenVPN setup that when activated, redirects all traffic through the VPN. I've created an alias for WAN ports and an alias for allowed ports, as well as the associated firewall rules. Currently, when the VPN is active, all outbound traffic that matches the ports in the allowed ports alias is routed through the VPN. When the VPN goes down or is turned off, the ports in the alias are routed through the WAN. The ports in the WAN ports alias are always routed through the WAN no matter what.
What I'd like to do is setup a rule or a set of rules so that when the VPN is up, everything is routed through the VPN. When the VPN is down, all ports in the allowed ports alias are blocked from the internet (WAN). Is that possible to do with pfSense? I looked at floating rules, but I can't seem to get that to work.