Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Route selective traffic through OpenVPN but not firewall generated traffic

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 683 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      madas
      last edited by

      Hello,

      I'm created an OpenVPN client that I will use to direct selective traffic through.  I have been able to create firewall rules and am able to select this interfaces gateway and that traffic is indeed sent through the OpenVPN tunnel - so this works great.

      My problem is that OpenVPN now directs all traffic from the firewall itself through this tunnel also.  So if I run a process on the firewall like ping it goes through the tunnel.  How do I stop this? I don't see any obvious way to make the "default" route the highest priority again

      Route table on PFSense

      Internet:
      Destination        Gateway            Flags      Netif Expire
      0.0.0.0/1          x.x.x.x (VPN gateway)          UGS      ovpnc6
      default          y.y.y.y (Local Cable) UGS        em1

      1 Reply Last reply Reply Quote 0
      • johnpozJ Offline
        johnpoz LAYER 8 Global Moderator
        last edited by

        On your vpn client connection check/uncheck pull routes.. So it does not set it as the default route.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • M Offline
          madas
          last edited by

          Oh that did it..thanks.  I thought that would have broken my policy based routing as well but it seems to still work.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.