[Solved] Cannot access LAN when bypassing VPN
-
When I am connected to my VPN provider OVPN.com via OpenVPN there is no problem to reach LAN from my main PC.
But in order to let my main PC bypass VPN sometimes I activate my VPN Bypass floating rule - see attached screenshots of config.
Though when the bypass is activated I cannot access LAN anymore, not even ping..
When I traceroute my main PC (192.168.2.5) from OPT2 it respond with 10.128.0.1, but when I tracetroute from WAN or WLAN or anything else I get no respone.
I have not set any rules for OpenVPN or OPT2.I've tried to understand this for 3 days now. :( Please help me out if you have a clue what's happening!
See attached files for my configuration, I attached as much as I could think of that could be involved.
![VPN interfaces.PNG](/public/imported_attachments/1/VPN interfaces.PNG)
![VPN interfaces.PNG_thumb](/public/imported_attachments/1/VPN interfaces.PNG_thumb)
![VPN Floating.PNG](/public/imported_attachments/1/VPN Floating.PNG)
![VPN Floating.PNG_thumb](/public/imported_attachments/1/VPN Floating.PNG_thumb)
![VPN lan rules.PNG](/public/imported_attachments/1/VPN lan rules.PNG)
![VPN lan rules.PNG_thumb](/public/imported_attachments/1/VPN lan rules.PNG_thumb)
![VPN wlan rules.PNG](/public/imported_attachments/1/VPN wlan rules.PNG)
![VPN wlan rules.PNG_thumb](/public/imported_attachments/1/VPN wlan rules.PNG_thumb)
![VPN traceroute.PNG](/public/imported_attachments/1/VPN traceroute.PNG)
![VPN traceroute.PNG_thumb](/public/imported_attachments/1/VPN traceroute.PNG_thumb)
![VPN traceroute2.PNG](/public/imported_attachments/1/VPN traceroute2.PNG)
![VPN traceroute2.PNG_thumb](/public/imported_attachments/1/VPN traceroute2.PNG_thumb) -
Your forcing traffic out your wan, so no your not going to be able to access other networks that route through pfsense..
Create a rule above where you force traffic out your vpn or wan that allows the traffic you wan to your other lans..
-
Your forcing traffic out your wan, so no your not going to be able to access other networks that route through pfsense..
Create a rule above where you force traffic out your vpn or wan that allows the traffic you wan to your other lans..
Thank you very much!
So I created a new floating rule above all with the settings as the screenshot attached below and it works now!
Though could you please explain since it's not like what you said really, I just solved the problem another way?I tried different rules the way you explained. Like: Interface = OPT2, Source=truetype, Destination=LAN net, but with no success.
![VPN floating1.PNG](/public/imported_attachments/1/VPN floating1.PNG)
![VPN floating1.PNG_thumb](/public/imported_attachments/1/VPN floating1.PNG_thumb) -
For clarity, I would put that on the WLAN interface and not use a floating rule there.
Just put a pass rule with no gateway set above the rule that policy routes out OpenVPN.
-
For clarity, I would put that on the WLAN interface and not use a floating rule there.
Just put a pass rule with no gateway set above the rule that policy routes out OpenVPN.
When I put it on the WLAN interface is doesn't work for me, I guess that's because floating rules are above all other rules anyhow?
-
It works if it is positioned ABOVE the policy-routing rule in the interface rule set.
-
It works if it is positioned ABOVE the policy-routing rule in the interface rule set.
Forgive me, I guess I mix up the terms…
Please see attached screenshot, that is what I thought you meant by putting it on the WLAN interface.But now I made a new floating rule like the 2nd screenshot and it works, I guess that is what you meant is a more neat solution?
![WLAN rules.PNG](/public/imported_attachments/1/WLAN rules.PNG)
![WLAN rules.PNG_thumb](/public/imported_attachments/1/WLAN rules.PNG_thumb)