Bypass Router VPN for certain IPs



  • Hi all,

    I appreciate any help anyone can offer.

    First of all, I am running a dedicated pfSense box on a mini PC. I am so happy I made this move. It's stable as a rock and I will never look back now.

    It's used as a working-from-home / small business box and is the only router on the network. Nothing too complicated other than I am using this high-end router (pfSense) and some slightly higher-end switches and some other hobbyist stuff. I have two ports on the pfSense box. One goes to the modem, one goes to the local network. Nothing too complex, like I said.

    I've been playing with OpenVPN on the router itself, passing all traffic via an OpenVPN (not physical) interface which I set up thanks to a small guide at TorGuard (the service I am using). This is all working fine, and if I disable the interface I can switch back to the WAN no problem.

    What I would like to do now is have certain PCs on my network not go through the OpenVPN and just go direct to the LAN. This is so I can do my work on the normal WAN, and for anything else I can protect my privacy with the VPN.

    I don't mind using different IP ranges for the different machines, and I expect something along these lines will be required.

    How would I go about this? Here is the guide I used for TorGuard OpenVPN. This all worked fine; I just kept the DNS with the existing resolver: https://torguard.net/knowledgebase.php?action=displayarticle&id=208

    This is the guide I followed on TorGuard



  • I just saw this recently posted here:
    https://forum.pfsense.org/index.php?topic=118196.0

    Will try that and post back if it does not work.

    Thanks.
    Tom.

    EDIT: That worked perfectly for me. I did just need to also disable the default LAN rule.