Bypass the vpn for specific server

Hey Guys,

I have a pfsense network with private internet access running and all my traffic running through the vpn. (so if the vpn goes down the network goes down, this is how I want it). So what I want to do now is setup duckdns for a specific server and port but I want that server to be routed through my WAN and not through the VPN. I'm lost as to what rules to put in place to allow this.

I've tried to setup policy routing in my LAN firewall rules like in my screenshot.

I've also set the gateway in the advanced options to my WAN IP.

Any ideas?

Thanks!

gjaltemba

On my setup, I would add a Outbound NAT for the WAN interface mapping source ip and port.

Derelict

Destination WAN net is not the internet. Destination any is the internet.

Just put a rule ABOVE the rule that policy routes that network to the VPN.

Set the source to the host you want to route normally

Set the gateway on that rule to none (default).

Thanks for the help guys!

So I created a LAN rule as shown in the screenshot but it doesn't seem to work. Now, when I want to connect to that server over the internet I have to use the WAN IP right?

The rule has my server as the source ip and the gateway is default.

I assume I am doing something wrong here but can't figure out what it is.

Derelict

You need a port forward to connect to that host inbound.

https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense

So that means I have to do that in NAT right? Am I suppose to be putting this rule on the LAN interface or the WAN interface.

Derelict

https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense

Yeah I followed that and it doesn't seem to work at all.

I setup my NAT and that automatically creates a rules on the WAN side but I can't connect to my WAN IP with port 8123.

![WAN Rules.PNG](/public/imported_attachments/1/WAN Rules.PNG)
![WAN Rules.PNG_thumb](/public/imported_attachments/1/WAN Rules.PNG_thumb)

Derelict

https://doc.pfsense.org/index.php/Port_Forward_Troubleshooting

So I finally solved the issue!

I couldn't figure out the NAT and port forward so I hooked up my server to an extra NIC port on my pfSense and then gave that interface it's own separate network and then created the NAT rule for that network and everything is working fine now!

I have my server being routed outside the vpn and the rest of my network on the VPN.

Thanks for the help guys!

boopathymuthusamy

Hi Team,

I have done dual wan connection in pfsense using load balancing but i cant use both network at a time.If wan1 is down after that only i am able to access 2nd wan. Is any idea for this to resolve.