pfsense traffic always goes through vpn client

andresmorago

Hello

On a fresh install with a DHCP WAN and a openvpn client, all the traffic from the router will go through the vpn and not wan. is there any way to change this behaviour?

[2.5.0-RC][admin@svr00.xxxx.com]/root: ifconfig
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: LAN
        options=81209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWFILTER>
        ether xx:xx:xx:xx:xx:xx
        inet6 fe80::223:24ff:fe6f:63d8%em0 prefixlen 64 scopeid 0x1
        inet 10.0.0.100 netmask 0xffffff00 broadcast 10.0.0.255
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
enc0: flags=0<> metric 0 mtu 1536
        groups: enc
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
        inet 127.0.0.1 netmask 0xff000000
        groups: lo
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
pflog0: flags=100<PROMISC> metric 0 mtu 33160
        groups: pflog
pfsync0: flags=0<> metric 0 mtu 1500
        groups: pfsync
ue0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: WAN
        options=8000b<RXCSUM,TXCSUM,VLAN_MTU,LINKSTATE>
        ether xx:xx:xx:xx:xx:xx
        inet6 fe80::d237:45ff:fecb:6a88%ue0 prefixlen 64 scopeid 0x6
        inet 181.53.xxx.xxx netmask 0xfffffc00 broadcast 181.53.43.255
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
ovpnc2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        inet6 fe80::223:24ff:fe6f:63d8%ovpnc2 prefixlen 64 scopeid 0x7
        inet 10.18.0.34 --> 10.18.0.1 netmask 0xffff0000
        groups: tun openvpn
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        Opened by PID 88981

[2.5.0-RC][admin@svr00.xxxx.com]/root: netstat -rn4 | grep default
default            181.53.40.1        UGS         ue0

[2.5.0-RC][admin@svr00.xxxx.com]/root: traceroute 1.1.1.1
traceroute to 1.1.1.1 (1.1.1.1), 64 hops max, 40 byte packets
 1  10.18.0.1 (10.18.0.1)  85.238 ms  71.461 ms  127.844 ms
 2  * * *
 3  v121.ce09.wdc-02.us.leaseweb.net (192.96.203.92)  81.085 ms
    v32.ce02.wdc-01.us.leaseweb.net (192.96.203.93)  87.587 ms
    v121.ce09.wdc-02.us.leaseweb.net (192.96.203.92)  81.483 ms
 4  be-9.br02.wdc-02.us.leaseweb.net (173.208.126.38)  80.412 ms
    ae-10.br01.wdc-02.us.leaseweb.net (173.208.126.36)  74.751 ms
    be-10.br02.wdc-02.us.leaseweb.net (173.208.126.40)  75.037 ms
^C
[2.5.0-RC][admin@svr00.xxxx.com]/root:

johnpoz

Yeah don't pull routes from your vpn service and just policy route the traffic you want to go through the vpn.

andresmorago

@johnpoz said in pfsense traffic always goes through vpn client:

m your vpn service and just policy route the traffic you want to go through the v

should i add this then?

no-pull

johnpoz

Its a check box in the client setup..

andresmorago

@johnpoz thanks so much!