Stop openVPN falling back to the default WAN when OpenVPN is down?
-
Hi Guys
I've got everything set up on my home pfSense router - It operates like a normal router, but any IP address in a specfic range ie. 192.168.0.100 to 110 gets routed through the OpenVPN interface
My problem is, when openVPN is down, the devices get routed through the default WAN interface
If I remember correctly, isn't there a command I can employ on the OpenVPN firewall rule that prevents this?
-
might want to check out the negate rules
-
thanks
for some reason i thought it might be a no_wan_egress rule but i couldn't find it in the menus
-
Try these 3 settings:
- VPN -> OpenVPN(assuming you are using OpenVPN -> "Don't add/remove routes" (Mine is not checked)
- Firewall -> NAT -> Outbound (I made sure select WAN rules were deleted…no way out but VPN)
- Firewall -> Rules -> "The interface you are channeling the VPN traffic" -> The internet allow traffic rule -> In the rule itself look for the "Advanced Option" button named "Display Advanced" -> "Don't add/remove routes" drop down-> "Gateway" option -> Select VPN Gateway for your VPN.
All this assumes you have an interface setup for your VPN...I am doing the same thing and this works for me.
Open to feedback if I am doing this wrong!
Thanks,
Sean -
https://www.infotechwerx.com/blog/Prevent-Any-Traffic-VPN-Hosts-Egressing-WAN
