    Traffic not going though WAN when server is on different local network

      o3x3omasmc last edited by

      Greetings,

      I am having a little problem explaining my issue, so I think it'll be best by an example.

      My pfSense has two main networks: 192.168.10.X being the main one where all traffic is not encrypted. 192.168.20.X has everything encrypted via a VPN provider using these guides (with slight alterations):

      https://nguvu.org/pfsense/pfsense-baseline-setup/
      https://nguvu.org/pfsense/pfsense-multi-vpn-wan/

      I have a cloud server on network 10, as traffic gets my WAN IP, but all my Wi-Fi APs are on the 20 network, so that traffic is sent via the VPN provider. But traffic seems to go across the networks without going through the VPN provider, as the cloud server gives me a certificate error and shows the pfSense GUI certificate. The cloud server works fine when I am not at home, or if I "VPN my VPN" connection via a 2nd VPN provider, leading me to think there is a setting I have forgotten or do not know about for local communications across networks.

      Thank you very much for any help.

        JKnott last edited by

        With both networks directly connected to pfSense, why would traffic try to go out through the VPN? The shortest route is directly through pfSense.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 64 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

          o3x3omasmc last edited by

          Any setting to change this behavior to "force" the 20 network to go through VPN, even when going to servers on the 10 network?

            JKnott last edited by

            You'd have to set up the firewall rules to block traffic between the VLANs and also allow it out the VPN.

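The rule ordering suggested in the last reply, modelled as an added example that is not part of the thread and is not pfSense code: first-match evaluation on the 192.168.20.X interface, where a pass rule with a gateway policy-routes the traffic. Both rulesets, the `VPN_GW` label and the destination addresses are assumptions; the thread does not show the poster's actual rules.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed model of the two networks named in the thread.
NET10 = ipaddress.ip_network("192.168.10.0/24")  # unencrypted network (server)
ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass
class Rule:
    action: str                      # "pass" or "block"
    dst: ipaddress.IPv4Network       # destination the rule matches
    gateway: Optional[str] = None    # set => policy-route out this gateway

def evaluate(rules, dst_ip):
    """Evaluate rules for a packet entering on the 20 interface.

    The first matching rule wins; no match means the implicit default deny.
    """
    dst = ipaddress.ip_address(dst_ip)
    for rule in rules:
        if dst not in rule.dst:
            continue
        if rule.action == "block":
            return "blocked"
        if rule.gateway is None:
            # No gateway on the rule: the routing table decides, and a
            # directly connected network is reached straight through the firewall.
            return "direct via firewall" if dst in NET10 else "default route (WAN)"
        return f"via {rule.gateway}"
    return "blocked"

# Hypothetical ruleset consistent with the behaviour described in the first post:
# a local-network pass rule sits above the VPN policy-routing rule.
ASSUMED_CURRENT = [Rule("pass", NET10), Rule("pass", ANY, "VPN_GW")]

# Hypothetical ruleset following the reply: block inter-VLAN, pass the rest out the VPN.
SUGGESTED = [Rule("block", NET10), Rule("pass", ANY, "VPN_GW")]

if __name__ == "__main__":
    # 192.168.10.5 and 203.0.113.10 are constructed sample destinations.
    for name, rules in (("assumed current", ASSUMED_CURRENT), ("suggested", SUGGESTED)):
        for dst in ("192.168.10.5", "203.0.113.10"):
            print(f"{name:16} -> {dst:13}: {evaluate(rules, dst)}")
```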