Looking for a way to allow one server (or local IP address) to use OpenVPN tunnel



  • First I need to say I am green when it comes to Linux and pfSense.

    I have an Ubuntu server (no GUI) that I use Web Admin to administer.  I need to set up an OpenVPN tunnel that only the server can use to move data through.  I cannot seem to locate the info I am looking for.

    A different way to explain it is that I need my server to use the OpenVPN tunnel over the internet while the other devices like Roku and Fire TV use the internet without the OpenVPN tunnel.



  • Have you already set up the tunnel? If yes, does it connect? If no, what is the VPN server?
    Give us more details about your problem, please.



  • Yes, I have the tunnel set up and it is working.  Basically I just want my server to go through the PIA VPN tunnel and everything else to use the internet like normal.  Yes, it is to help hide the server, but that is for privacy reasons that I cannot talk about.



  • Would this be what I need to do?

    https://forum.pfsense.org/index.php?topic=120169.0



  • Hi

    I did something similar, but I use 2 active VPN connections as a group. You just need to create appropriate firewall rules and select local IPs as needed and LAN net as needed.

    ![LAN_ Rules.jpg](/public/imported_attachments/1/LAN_ Rules.jpg)
    ![VPN_ Rules.jpg](/public/imported_attachments/1/VPN_ Rules.jpg)



  • @eyarea51:

    Would this be what I need to do?

    https://forum.pfsense.org/index.php?topic=120169.0

    No. You need to assign an interface to the VPN client. Interfaces > assign. Under "available network ports" select the VPN client (e.g. ovpnc1) and hit add at the right. Then open the settings of the new interface, check Enable, enter a meaningful name and save it.

    Then add a firewall rule to the LAN interface, or whichever interface the server is connected to: add a new pass rule. Select the protocol type to meet your needs, maybe any, enter the server's address in the source box, display the advanced options, go down to gateway and select the OpenVPN client-GW (the name of the VPN interface added above) and save the rule. Put this at the top of the rule list.
    If you don't want to allow traffic over WAN-GW from this server when the VPN is down, you also have to add a block rule for that underneath the other rule.

    Remember that you have to set the server to use an external DNS, not pfSense.
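
Added example, not part of any post in this thread: a small Python model of the LAN rule order described in the reply above (policy-route pass rule on top, block rule underneath, default LAN pass last), used to check where the server's traffic ends up when the VPN gateway is down. The addresses, the gateway labels and the `skip_rule_if_gw_down` flag are assumptions of the model; the flag covers both ways a firewall might treat a pass rule whose gateway is down.

```python
import ipaddress

# Constructed lab addresses and gateway labels; the thread gives no real ones.
SERVER = "192.168.1.50"
ROKU = "192.168.1.60"
LAN = "192.168.1.0/24"

def lan_rules(with_block):
    """LAN rule list in top-down order, as the reply lays it out."""
    rules = [{"action": "pass", "src": SERVER + "/32", "gw": "VPN_GW"}]
    if with_block:
        # Block rule placed directly underneath the policy-route rule.
        rules.append({"action": "block", "src": SERVER + "/32", "gw": None})
    rules.append({"action": "pass", "src": LAN, "gw": None})  # default LAN pass
    return rules

def egress(src_ip, rules, gw_up, skip_rule_if_gw_down=True):
    """Return 'VPN_GW', 'WAN_GW' or 'BLOCKED' for a new connection from src_ip.

    First matching rule wins. skip_rule_if_gw_down=True models a firewall that
    drops a policy-route rule whose gateway is down; False models one that
    keeps the rule but sends the traffic out the default gateway instead.
    """
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        if addr not in ipaddress.ip_network(rule["src"]):
            continue
        if rule["action"] == "block":
            return "BLOCKED"
        gw = rule["gw"]
        if gw is None:
            return "WAN_GW"          # no gateway set: default route
        if gw_up.get(gw, False):
            return gw                # policy-routed into the tunnel
        if skip_rule_if_gw_down:
            continue                 # rule dropped, keep evaluating below
        return "WAN_GW"              # rule kept without its gateway: leak
    return "BLOCKED"                 # nothing matched: implicit deny

def leak_report(with_block, skip_rule_if_gw_down):
    """Egress of the server with the tunnel up and with it down."""
    rules = lan_rules(with_block)
    return {state: egress(SERVER, rules, {"VPN_GW": up}, skip_rule_if_gw_down)
            for state, up in (("vpn_up", True), ("vpn_down", False))}

if __name__ == "__main__":
    for with_block in (False, True):
        for skip in (True, False):
            print(with_block, skip, leak_report(with_block, skip))
```

In this model the block rule only stops the leak when the down-gateway rule is dropped rather than kept, so it is worth testing the real setup by stopping the VPN client and confirming that the server loses connectivity.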



  • Thank you all for replying, but I just need a bit more. I am very green with firewalls and everything pfSense, really.

    I used this https://www.privateinternetaccess.com/forum/discussion/18111/openvpn-step-by-step-setup-for-pfsense-firewall-router-with-video to initially set up, along with one other I can locate right now.

    Do I need to remove the NAT outbound rules and add the LAN ones I see in the pictures?




  • This is a lab VM inside my LAN, so bogus IPs but same concept. http://imgur.com/a/nP8jc  NAT and Rules tabs.

    Have it set up like this in a lab environment:
    OpenVPN (server) >> pfSense >> OpenVPN (client)

    Server and Client are Ubuntu. Is that what you were looking for?

