Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN: How to send traffic from server via client?

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 665 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      Dogfish
      last edited by

      Hi,

      I have my Pfsense OpenVPN server working in "Remote Access (SSL/TSL) mode with a couple of overseas friends connected. This allows them to play Pandora radio which is blocked in their country (through my Pfsense squid proxy).

      Can I  do the same in reverse on the same openvpn?
      I would like to send web traffic for one particular web site through one of their connections. This is to play streaming video which is geoblocked in my country.

      Or do I need to setup a new OpenVPN installation with them as server and me as client?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        To direct the traffic for a particular website to the client you need a route for this site at OpenVPN server.
        This can be set up by "client specific overrides".

        Add an override, select the server an enter the clients certs common name, enter a tunnel network that should be used for this client (within the servers vpn tunnel network).
        At "Local Networks" fill in your server sites LANs (it's necessary that at least the source IP of the host which want to access sites via this VPN is entered here to get the route pushed to the client) and other IPs or networks that the client should reach over vpn as you did in the server setting and at "Remote Networks" enter the addresses or networks you want to reach via the client from server side.
        Set the other options to your fits.

        Off cause the access has to be allowed by the clients firewall rules as well as at server side and the clients router must do masquerading also for the servers sites source network.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.