Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Routing traffic through a client connected to Openvpn/Pfsense server

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 2 Posters 561 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      trumee
      last edited by trumee

      Hi,

      I have an openvpn server running on pfsense and a remote client connects to it. Is it possible to use that client as a gateway, so i can send some of the traffic through them (from openvpn server side)?

      The client does not appear as gateway in Rules>Advanced Options>Gateway, so i cant simply select it.

      How can i do this?

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        Is that a site-to-site server or an access server which multiple clients connecting to it?
        Are you running multiple OpenVPN instances (servers or clients)?

        1 Reply Last reply Reply Quote 0
        • T
          trumee
          last edited by

          Pfsense is running an openvpn server where multiple clients connect.

          1 Reply Last reply Reply Quote 0
          • V
            viragomann
            last edited by

            If multiple clients connect to the server you cannot make use of policy routing in filter rules.

            But it's possible to route some destination networks to a client. However, this is applied to the hole network.
            If you want to do that, you have to add a client specific override for the concerned client to set the routes. Add the networks you want to route to the client to the "Remote Networks" in CSO.
            CSO only works with SSL auth, cause it is based on the common name in the client certificate.

            If you are running multiple OpenVPN instances additionally assign an interface to that vpn server.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.