Only have certain LAN hosts use OpenVPN tunnel?
opticalc last edited by
Seems like this should be possible. I am doing a demo of NordVPN from their instructions here: https://nordvpn.com/tutorials/pfsense/pfsense-openvpn/. It got me going very quickly. The only thing I did differently was their LAN firewall rule: instead of allowing any, I just put a /32 in there, thinking that would allow that host to use the VPN, and then all others would use the regular WAN.
This never worked, so I went back and changed that rule to ANY. Still didn't work. I found out later that the instructions above were missing a part: System > Routing > Gateways, to set the new connection as the default gateway. This caused EVERYONE on my net to use the OpenVPN tunnel.
I monkeyed around in there a bit, still can't figure out how to get just 1 host using the tunnel.
CaretakersCurse last edited by
What did it for me, at least as far as preventing everyone from going through the VPN by default, was enabling the "Don't pull routes" option under VPN>OpenVPN>Clients>edit your VPN. It's the 2nd option above the Advanced Configuration header.
All I need now is a 'Killswitch' so if the VPN goes down any client routed into the VPN doesn't just go back through the WAN.
Hope this helped.