Netgate Discussion Forum

    Creating a Policy Route to Send All Traffic from Host Through OpenVPN

      shetu

      Hi,
      I followed this tutorial: https://www.infotechwerx.com/blog/Creating-Policy-Route-to-Send-All-Traffic-Host-Through-OpenVPN

      I can connect the OpenVPN client instance, but then I am stuck. I want a single PC on the LAN to use this VPN service. Can anyone explain in easy English?
      My pfSense version is 2.3.4 Release.

        viragomann

        If you've done all the steps as described in the mentioned tutorial, it should work.

        What's your concrete problem? Do you get any internet connection on the particular PC? Is the PC going out to the WAN gateway?

        Post your firewall rules and outbound NAT settings.

          shetu

          The LAN PC does not get a VPN IP, and the PC is going out the WAN gateway.

          Attachments: lan rules.jpg, outband.jpg, getways.jpg

            viragomann

            You forgot to move the policy routing rule to the top of the LAN rule set, underneath the anti-lockout rule.

            To get the gateway shown as online, you will need an additional outbound NAT rule on the vpn interface for source = 127.0.0.0/8. However, LAN access should also work without this.

              shetu

              Thanks. I did it. Maybe the free OpenVPN has no speed.
              Another question: does the LAN PC's IP change to the VPN subnet or not?
              My LAN IP is 192.168.1.17. It is not changed.

              Attachments: rules.jpg, graph.jpg

                viragomann

                @shetu:

                > Another question: does the LAN PC's IP change to the VPN subnet or not?
                > My LAN IP is 192.168.1.17. It is not changed.

                You mean the PC's IP? That should be static and is not changed inside the LAN network.
                The outbound NAT rule you've added translates the address when packets go out the VPN interface. On the VPN server it is translated once more to the server's public IP.

                In the LAN rule you have permitted only the TCP protocol. Change this to TCP/UDP and configure the PC to use a public DNS server to avoid DNS leaks. DNS also requires UDP.

                1 Reply Last reply Reply Quote 0
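
The two fixes given in this thread (policy rule at the top of the LAN rule set, and TCP/UDP instead of TCP only) both follow from first-match rule evaluation. The sketch below is an added example, not part of any post above and not pfSense code: a simplified model in which the gateway names `WAN` and `OPENVPN` and the three rule sets are constructed assumptions, and the anti-lockout rule is left out because it only matches traffic to the firewall itself.

```python
# Added illustration: simplified first-match evaluation of LAN rules.
# Gateway names and rule sets are constructed; only the host IP is from the thread.
from ipaddress import ip_address, ip_network

DEFAULT_GW = "WAN"      # hypothetical name for the default (WAN) gateway
VPN_GW = "OPENVPN"      # hypothetical name for the OpenVPN client gateway
HOST = "192.168.1.17"   # the LAN PC mentioned in the thread


def rule(source, protos, gateway):
    """A pass rule: source network, allowed protocols, gateway to route through."""
    return {"source": ip_network(source), "protos": set(protos), "gateway": gateway}


def egress_gateway(rules, src, proto):
    """Return the gateway of the first matching rule; None means default deny."""
    for r in rules:
        if ip_address(src) in r["source"] and proto in r["protos"]:
            return r["gateway"]
    return None


ALLOW_LAN = rule("192.168.1.0/24", {"tcp", "udp", "icmp"}, DEFAULT_GW)

# 1) Policy rule below the default allow rule: it is never reached.
misordered = [ALLOW_LAN, rule(HOST + "/32", {"tcp"}, VPN_GW)]
# 2) Policy rule on top but TCP only: UDP (DNS) falls through to the WAN rule.
tcp_only = [rule(HOST + "/32", {"tcp"}, VPN_GW), ALLOW_LAN]
# 3) Policy rule on top with TCP/UDP: both flows leave through the VPN.
fixed = [rule(HOST + "/32", {"tcp", "udp"}, VPN_GW), ALLOW_LAN]


def report(rules):
    """Map the flows of interest from HOST to the gateway they would use."""
    flows = {"web (tcp)": "tcp", "dns (udp)": "udp"}
    return {name: egress_gateway(rules, HOST, proto) for name, proto in flows.items()}


if __name__ == "__main__":
    for label, rs in [("misordered", misordered), ("tcp_only", tcp_only), ("fixed", fixed)]:
        print(f"{label:10s} {report(rs)}")
```

The `tcp_only` case is the DNS leak: web traffic uses the tunnel while UDP lookups still leave through the WAN gateway.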