Use the OpenVPN connection on OPT1 interface only.



  • Hi all,

    Firstly I apologise if this has previously been asked however I have had trouble locating the info required! I may just not know the terminology to search effectively.

    I would like to avoid having to run a second router and use the OPT1 Interface to do all of the OpenVPN traffic as it is just for Netflix etc. I manually run client on my pc for torrents etc.

    I have a new install of the latest PFSense running on a HP ML 110 G6 (plus dual GB nic) which I had spare. This is running with a Torguard OpenVPN connection which is working fine via the LAN interface.

    So my question is how do I set up PFSense to only use the OPT1 for OpenVPN and still have a non vpn connection on LAN? That is this can even be done!

    The only thing I have done so far is activate OPT1 and give it a different static IP.

    cheers


  • LAYER 8 Netgate



  • Thanks heaps Derelict I will take a look later and see how I go.



  • I had no luck getting it to work. The OpenVPN works fine on LAN.

    I think I will start again as I am not sure if I even had internet access on OPT1 before I added the OpenVPN client. So I should probably start there first.

    I have since found some other docs/pages however I am getting more confused than ever…..


  • LAYER 8 Netgate

    What firewall rules do you have on OPT1?

    What do you have in Firewall > NAT, Outbound?

    All you have to do is set LAN rules to the default gateway and set OPT1 rules to use the VPN gateway.



  • @Derelict:

    What firewall rules do you have on OPT1?

    What do you have in Firewall > NAT, Outbound?

    All you have to do is set LAN rules to the default gateway and set OPT1 rules to use the VPN gateway.

    Started again and I have internet on both LAN & OPT1, the VPN is also UP - however not routing via VPN

    I think the issue first time round was that I activated OPT1 after I set up the VPN

    OPT1 Rule:

    Protocol    Source        Port    Destination    Gateway
    IPv4*        OPT1 net      *            *            TGINTERFACE_VPNV4

    Outbound NAT
    As per Torguard instructions I duplicated all Outbound NAT (just changed the Interface to TGINTERFACE)
    I did however only do the ones on the OPT1 side and not LAN



  • My bad! It's working like a treat after a reboot.

    So LAN is my normal network (non VPN) and OPT1 is my VPN connected to my PS3! Can now watch US Netflix from here in Australia without having to manually start the VPN client on my pc and using ICS to the PS3.

    Thanks for pointing me in the right direction, it was quite simple in the end.


  • LAYER 8 Netgate

    Hmm. I have never had to reboot to get a change like that to take effect. Might have more to do with clearing existing states.



  • @Derelict:

    Hmm. I have never had to reboot to get a change like that to take effect. Might have more to do with clearing existing states.

    Yeah I would have thought it didn't need one! But hey it works so all good.


Log in to reply