Multi country OpenVPN clients



  • Hi,
    I have used pfsense for a number of years and consider my self as a general rule to be  good at networking.
    However after trying for some weeks I am requesting assistance on getting mutiple OpenVPN client WANS working correctly.

    I have pfsense setup as behind a IPv4 gateway, pfsenses funbction within my network is as an IPv6 router using a broker, and as a VPN server (working fine with remote sites and RAS configuration.
    The final function which I am struggling with is where pfsense is set up with two OpenVPN Clients to different country servers (US & UK).

    I want to be able to control which devices internally are permitted to use which country VPN and if they are not permitted they should redirect/fall back to using the IPv4 gateway.

    I can get this behaviour working with a single OpenVPN client (I currently have it set for US).
    thus if an internal clien sets it defult gw as my pfsense box if it is in the US VPN permitted group it appears as if it is in the US and if it is not it is directed to the LANs default gateway and appears to be from the local country.

    I m using the pfblockerNG package to create the alias groups.

    I am trying to see if this has been done previously and if it is currently lnpown to work; I am using pfsense v2.3.2-RELEASE-p1 (amd64); and is there a howto/walk-through/info on what to do.

    I seem to see issues with the interface not getting an IP address all the time and this is easily resolved by a reboot of pfsense but I am concerned that this is indocative of an underlying interface/routing issue that I may be hitting.

    Any advice welcome, and I will try my best to provide more details as requested.

    Thanks