Routing traffic through a client connected to Openvpn/Pfsense server



  • Hi,

    I have an openvpn server running on pfsense and a remote client connects to it. Is it possible to use that client as a gateway, so i can send some of the traffic through them (from openvpn server side)?

    The client does not appear as gateway in Rules>Advanced Options>Gateway, so i cant simply select it.

    How can i do this?



  • Is that a site-to-site server or an access server which multiple clients connecting to it?
    Are you running multiple OpenVPN instances (servers or clients)?



  • Pfsense is running an openvpn server where multiple clients connect.



  • If multiple clients connect to the server you cannot make use of policy routing in filter rules.

    But it's possible to route some destination networks to a client. However, this is applied to the hole network.
    If you want to do that, you have to add a client specific override for the concerned client to set the routes. Add the networks you want to route to the client to the "Remote Networks" in CSO.
    CSO only works with SSL auth, cause it is based on the common name in the client certificate.

    If you are running multiple OpenVPN instances additionally assign an interface to that vpn server.