VPN client to one Interface only

  • Hello!

    I'm new to pfsense.

    This is how I'm trying to set things up.

    LAN to switch.
    Opt1 VPN connection for computer. Only want vpn on this interface.
    Opt2 IP TV box.

    At the moment im using LAN directly to my computer, because I have problem setting vpn connection only for one interface.

    The IP Tv connection is not a priority.
    Anyone can lead my in right direction?

  • LAYER 8 Global Moderator

    So setup your vpn.. Then setup opt1 to use your vpn as its gateway. There is reason to break this out to its own interface. This is a simple policy route to have 1 client use the vpn.

    Make sure when you setup your vpn connection your not pulling routes.

  • @johnpoz

    Oh! I feel stupid! That sound so logic.

    Going to test it, hope i get it working.

  • LAYER 8 Global Moderator

    If you need pictures or something let me know - I have a vpn connection to one of my vpses just for this reason to help with vpn posts.

  • @johnpoz

    Yes that would be very helpful!

    I get the idea of connecting opt1 to vpn gateway, but cant really find the correct tab.

    The vpn is already setup long ago 😅

  • LAYER 8 Global Moderator

    Do you have your vpn client pulling routes? If so you need to turn that off..

    Do you have your opt1 network created? If so just change the gateway to use your vpn as the gateway.

  • @johnpoz
    I dont know if it is pulling routes. I followed the instructions from the VPN company according to Pfsense setup.
    So I assume its not. How can I find out?

    Here is some pictures, I got my LAN free from VPN. But i don't get any connection when using op1(MullvadVPN) with my ethernet cable.
    3_1534963865207_vpn4.png 2_1534963865207_vpn3.png 1_1534963865207_vpn2.png 0_1534963865206_vpn1.png

    Am I close? Or am I completly lost?

  • LAYER 8 Global Moderator

    No your not close ;) So your forgetting the opt2 idea.. You don't have a network setup on it even.

    Why are you using manual outbound nat and not hybrid?

    Your rule to send out your vpn gateway - the source needs to be the IP on your lan that you want to use the gateway.. not your vpn net..

    As to pulling routes - you have it check in your vpn client NOT to pull routes... Your sayng your current lan is not using your vpn..

Log in to reply