Netgate Discussion Forum

    Only have certain LAN hosts use OpenVPN tunnel?

    • opticalc

      Seems like this should be possible. I am doing a demo of NordVPN from their instructions here https://nordvpn.com/tutorials/pfsense/pfsense-openvpn/ and it got me going very quickly. The only thing I did differently was their LAN firewall rule: instead of allowing any, I just put a /32 in there, thinking that would allow that host to use the VPN, and then all others would use the regular WAN.

      This never worked, so I went back and changed that rule to ANY. Still didn't work. I found out later that the instructions above were missing a part: System > Routing > Gateways, to set the new connection as the default gateway. This caused EVERYONE on my net to use the OpenVPN tunnel.

      I monkeyed around in there a bit, still can't figure out how to get just 1 host using the tunnel.

      • CaretakersCurse

        What did it for me, at least as far as preventing everyone from going through the VPN by default, was enabling the "Don't pull routes" option under VPN > OpenVPN > Clients > edit your VPN. It's the 2nd option above the Advanced Configuration header.

        All I need now is a 'Killswitch' so if the VPN goes down any client routed into the VPN doesn't just go back through the WAN.

        Hope this helped.

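A simplified model of the routing decisions discussed in this thread, added as an example and not part of either post or of pfSense itself. It shows why everyone ends up in the tunnel when the VPN becomes the default route, why the /32 policy rule works once routes are not pulled, and how a tag-based block on WAN acts as the kill switch. The addresses, the tag name `VPN_ONLY` and the tag-plus-block approach are assumptions chosen for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed sample values (assumptions, not taken from the thread).
VPN_HOST = "192.168.1.50/32"   # the one LAN host that should use the tunnel
LAN_NET = "192.168.1.0/24"
KILL_TAG = "VPN_ONLY"          # hypothetical tag name

# LAN rules, first match wins: (source, gateway, tag).
# gateway=None means "follow the firewall's routing table".
LAN_RULES = [
    (VPN_HOST, "VPN", KILL_TAG),
    (LAN_NET, None, None),
]

def egress(src, vpn_up=True, vpn_is_default=False, kill_switch=False):
    """Return "VPN", "WAN" or "BLOCKED" for a LAN source address.

    vpn_is_default: the tunnel became the default route (routes pulled
    from the server, or the VPN chosen as default gateway).
    kill_switch: a block rule on WAN for packets carrying KILL_TAG.
    """
    default_route = "VPN" if (vpn_is_default and vpn_up) else "WAN"
    for source, gateway, tag in LAN_RULES:
        if ip_address(src) not in ip_network(source):
            continue
        # Assumed pfSense default: when a rule's gateway is down the rule
        # stays active without it, so the packet follows the default route.
        path = gateway if (gateway and vpn_up) else default_route
        if path == "WAN" and kill_switch and tag == KILL_TAG:
            return "BLOCKED"
        return path
    return "BLOCKED"  # no rule matched: default deny

def scenario(**state):
    """Egress of the VPN host and of an ordinary LAN host under one state."""
    return egress("192.168.1.50", **state), egress("192.168.1.20", **state)

if __name__ == "__main__":
    print("VPN is default route :", scenario(vpn_is_default=True))
    print("routes not pulled    :", scenario())
    print("tunnel down          :", scenario(vpn_up=False))
    print("tunnel down + switch :", scenario(vpn_up=False, kill_switch=True))
```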
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.