Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Routing SOME IPs or Subnets through OpenVPN

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 475 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kolpinkb
      last edited by

      Unfortunately, the thread at…

      https://forum.pfsense.org/index.php?topic=72902.msg397636#msg397636

      ...was locked by a moderator.

      I followed this guide...

      https://doc.pfsense.org/index.php/Routing_internet_traffic_through_a_site-to-site_OpenVPN-connection_in_PfSense_2.1

      ...except I made the following modifications:

      1. Don't add "redirect-gateway def1" to site A.
      2. Delete the two Outbound NAT entries on Site A for Site A's Subnet you want to send through the VPN.  Don't add a new Outbound NAT rule to Site A.  Site B is taking care of NAT.
      3. Just change the gateway in the firewall rules tab on Site A for the subnet you want to route through the VPN.
      4. Add Site B's OpenVPN tunnel endpoint IP to Site A's DHCP server DNS option.
      5. Disable gateway monitoring action for the VPN on site A (when the OpenVPN daemon goes down on site A all internet traffic (going through the VPN and not) ceases otherwise.

      These features will prevent any traffic going out Site A's WAN if the OpenVPN instance goes down.

      1 Reply Last reply Reply Quote 0
      • H
        Horizon82
        last edited by

        Post your NAT table and LAN firewall rules.  You probably have a setting wrong.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.