Traffic not going through WAN when server is on different local network



  • Greetings,

    I am having a little problem explaining my issue, so I think it'll be best by an example.

    My pfSense has two main networks: 192.168.10.X being the main one, where all traffic is not encrypted. 192.168.20.X has everything encrypted via a VPN provider using these guides (with slight alterations):

    https://nguvu.org/pfsense/pfsense-baseline-setup/
    https://nguvu.org/pfsense/pfsense-multi-vpn-wan/

    I have a cloud server on network 10, as traffic gets my WAN IP, but all my Wi-Fi APs are on the 20 network, so that traffic is sent via the VPN provider. But traffic seems to go across the networks without going through the VPN provider, as the cloud server gives me a certificate error and shows the pfSense GUI certificate. The cloud server works fine when I am not at home, or if I "VPN my VPN" connection via a 2nd VPN provider, leading me to think there is a setting I have forgotten or do not know about for local communications across networks.

    Thank you very much for any help.



  • With both networks directly connected to pfSense, why would traffic try to go out through the VPN? The shortest route is directly through pfSense.



  • Any setting to change this behavior to "force" the 20 network to go through the VPN, even when going to servers on the 10 network?



  • You'd have to set up the firewall rules to block traffic between the VLANs and also allow it out the VPN.