Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Creating a Policy Route to Send All Traffic from Host Through OpenVPN

    OpenVPN
    2
    6
    1226
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      shetu last edited by

      Hi
      I follow this tutorial https://www.infotechwerx.com/blog/Creating-Policy-Route-to-Send-All-Traffic-Host-Through-OpenVPN

      I can connect Openvpn Client Instance but then I stuck. I want sing pc from lan use this vpn service. Can anyone provide explain in easy English?
      My pfsense version 2.3.4 Release.

      1 Reply Last reply Reply Quote 0
      • V
        viragomann last edited by

        If you've done all the steps as described in the mentioned tutorial it should even work.

        What's your concrete problem? Do you get any internet connection on the particular pc. Is the pc going out to WAN gateway?

        Post your firewall rules and outbound NAT settings.

        1 Reply Last reply Reply Quote 0
        • S
          shetu last edited by

          Lan pc do not get vpn ip and pc is going out wan getway.

          ![lan rules.jpg](/public/imported_attachments/1/lan rules.jpg)
          ![lan rules.jpg_thumb](/public/imported_attachments/1/lan rules.jpg_thumb)



          1 Reply Last reply Reply Quote 0
          • V
            viragomann last edited by

            You forgot to move the policy routing rule to the top of the LAN rule set, underneath the anti-lockout rule.

            To get the gateway shown as online, you will need an additional outbound NAT rule on the vpn interface for source = 127.0.0.0/8. However, LAN access should also work without this.

            1 Reply Last reply Reply Quote 0
            • S
              shetu last edited by

              Thanks. I do it. May by free openvpn has no speed.
              Another question - Does lan pc ip change to vpn subnet or not?
              My lan ip is 192.168.1.17. it is not changed.




              1 Reply Last reply Reply Quote 0
              • V
                viragomann last edited by

                @shetu:

                Another question - Does lan pc ip change to vpn subnet or not?
                My lan ip is 192.168.1.17. it is not changed.

                You mean the PCs IP?? That should be static and is not changed inside the LAN network.
                The outbound NAT rule you've added translates the address when packet go out the vpn interface. On the vpn server it is translated once more to the servers public IP.

                In the LAN rule you have permitted only TCP protocol. Change this to TCP/UDP and configure the pc to use a public DNS server to avoid DNS leaks. DNS also require UDP.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post

                Products

                • Platform Overview
                • TNSR
                • pfSense
                • Appliances

                Services

                • Training
                • Professional Services

                Support

                • Subscription Plans
                • Contact Support
                • Product Lifecycle
                • Documentation

                News

                • Media Coverage
                • Press
                • Events

                Resources

                • Blog
                • FAQ
                • Find a Partner
                • Resource Library
                • Security Information

                Company

                • About Us
                • Careers
                • Partners
                • Contact Us
                • Legal
                Our Mission

                We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                Subscribe to our Newsletter

                Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                © 2021 Rubicon Communications, LLC | Privacy Policy