Netgate Discussion Forum

    OpenVPN Site-to-Site as default for one Subnet-Interface

      A Former User

      Hello,

      I have 2 pfSense boxes which are connected via a site-to-site OpenVPN network. The connection works between both sides.

      But I want to force one local network (opt1) to use the other side's WAN to access the internet.

      So this is the wanted route for any traffic:

      PC > opt1-L > pfsense-L -------vpn------- pfsense-R > Internet

      I tried to set up a rule for opt1-L like:
      from: Any
      to: Any
      (Advanced) force Gateway: OpenVPN-Gateway
      Set the rules on the pfsense-R side to allow all traffic from ANY to ANY on pfsense-R (VPN&Network)

      The OpenVPN-Server is pfsense-R
      The traffic from LAN must still be routed via the local WAN of pfsense-L

      Does anyone have a suggestion for this setup?

        viragomann

        • "OpenVPN-GW" is handled as a gateway group including all OpenVPN instances (servers and clients) on pfSense. So if you are running multiple OpenVPN instances on L, assign an interface to the concerned one and use its gateway for policy routing.
        • On pfSense R add an outbound NAT rule to the WAN interface for the source network opt1, translating source addresses to the WAN address.