VPN internet traffic



  • I got a working VPN configuration from https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2#Mobile_Clients
    All traffic goes through the VPN. So far so good, but I want my internet traffic outside the VPN. If I change the config from Local Network: Network 0.0.0.0/0 to LAN subnet I can’t reach the internet at all. It’s not a DNS issue because IP addresses don’t work either.
    I have a firewall rule that allows any to any, so I think that’s also not the issue.

    Any hints?

    BTW: pfSense 2.3.3-RELEASE-p1 and iPhone 7 iOS 10.3.1
    ![Bildschirmfoto 2017-04-21 um 21.21.01.png](/public/imported_attachments/1/Bildschirmfoto 2017-04-21 um 21.21.01.png)
    ![Bildschirmfoto 2017-04-21 um 21.21.43.png](/public/imported_attachments/1/Bildschirmfoto 2017-04-21 um 21.21.43.png)



  • When you select 0.0.0.0/0, that will tunnel everything. You need to put only the LAN address space in there, and then it should send everything else out the default gateway.

    It's called split tunneling; it might help your searches if this doesn't help.



  • I don’t know exactly what happened, but now I can reach the internet and my LAN host with the correct setting. But I still cannot resolve FQDNs within the LAN. It doesn’t matter if I fill in lists of DNS servers or a search domain in pfSense or locally on my Mac.
    So now I think it’s a DNS issue, but I don’t have any clue how to resolve this.

