VM as a VPN Concentrator
I have a pfSense instance running on a physical Supermicro in my datacenter, currently with 20+ IPsec and OpenVPN tunnels terminated on it.
What I'm trying to accomplish is setting up a pfSense VM on my VMware cluster inside the firewall strictly as a VPN concentrator. I have the VM set up, tunnels can establish and stay up… that's all fine... the problem is I cannot get traffic to route from the servers inside the network back down the tunnels properly because I think the machines are sending their traffic to their default gateway (the physical pfSense) and that pfSense doesn't know where to route the traffic...
So the question is... how do I say any traffic destined for a network coming from the VM concentrator to go back down that tunnel instead of the edge pfSense?
You would have to add static routes for the VPN'ed subnets to your clients or, ideally, to the physical pfSense router.
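The routing decision described in this thread, modelled as an added example that is not part of the original posts: a longest-prefix-match lookup shows where return traffic for each tunnelled subnet is sent before and after the static routes are added. All addresses and subnets are constructed placeholders; the same check applies whether the table belongs to a server or to the edge router.

```python
import ipaddress

# Constructed placeholder addresses (assumptions, not taken from the thread)
EDGE_GW = "192.168.1.1"          # physical pfSense, the servers' default gateway
CONCENTRATOR = "192.168.1.250"   # pfSense VM that terminates the tunnels
VPN_SUBNETS = ["10.20.0.0/24", "10.30.0.0/16"]  # remote networks behind the tunnels

def build_table(routes):
    """Turn (cidr, gateway) pairs into (network, gateway) pairs."""
    return [(ipaddress.ip_network(cidr), gw) for cidr, gw in routes]

def next_hop(table, dest):
    """Longest-prefix match: gateway chosen for dest, or None if nothing matches."""
    addr = ipaddress.ip_address(dest)
    matches = [(net, gw) for net, gw in table if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def missing_routes(table, vpn_subnets, concentrator):
    """VPN subnets whose traffic would NOT be handed to the concentrator."""
    missing = []
    for cidr in vpn_subnets:
        net = ipaddress.ip_network(cidr)
        # Probe first and last address so a partially covering route is caught.
        if any(next_hop(table, str(p)) != concentrator for p in (net[0], net[-1])):
            missing.append(cidr)
    return missing

def with_static_routes(table, subnets, concentrator):
    """Return a new table with one static route per subnet via the concentrator."""
    return table + [(ipaddress.ip_network(s), concentrator) for s in subnets]

# A server on the LAN today: connected network plus a default route to the edge.
server_table = build_table([("192.168.1.0/24", "on-link"), ("0.0.0.0/0", EDGE_GW)])

if __name__ == "__main__":
    print("before:", missing_routes(server_table, VPN_SUBNETS, CONCENTRATOR))
    fixed = with_static_routes(server_table, VPN_SUBNETS, CONCENTRATOR)
    print("after: ", missing_routes(fixed, VPN_SUBNETS, CONCENTRATOR))
```
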