Route some IPs/traffic through pfSense gateway
Looking for some help. We have staff that connect to our OpenVPN to access internal resources. This is a split tunnel; the gateway is not redirected.
Some staff need access to external servers via remote desktop, which is locked down to our IP address/gateway on our pfSense router.
How can I create a list of IPs staff can access via OpenVPN that's redirected through the pfSense gateway, while keeping the gateway not redirected for all other traffic?
viragomann last edited by viragomann
Read your post twice. As I understand it now, that concerns only road-warrior clients.
So to route the client traffic to the concerned external servers over the VPN, add all these servers to your access server settings under "Local Network/s" in CIDR notation, e.g. 188.8.131.52/32
Add an outbound NAT rule for your clients (Firewall > NAT > Outbound). If it is in automatic mode, switch to hybrid first.
Then add a rule:
source: <the access server tunnel network>
translation: interface address
If you have restricted the VPN client access, be sure to add a firewall rule to allow the access.
I'm afraid you can't do it with one OpenVPN tunnel. You can create a second OpenVPN tunnel or use IPsec RA with the Pre-Shared Keys option, which allows you to assign different IP subnets to different clients and then apply different firewall rules for each of them:
@viragomann do you have a working setup where you could post some screenshots of the config? Thanks
viragomann last edited by
Read your post twice and edited my answer above.
@viragomann Thanks very much, that works perfectly :)
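An added example, not written by anyone in this thread: a Python check for the list that goes into "Local Network/s". It returns the OpenVPN `push "route ..."` directive corresponding to each accepted entry and rejects entries that would undo the split tunnel or collide with the tunnel network. The tunnel network 10.0.8.0/24, the address 203.0.113.10 and the /24 width limit are assumptions made up for illustration.

```python
import ipaddress


def split_tunnel_routes(entries, tunnel_network, min_prefix=24):
    """Validate a 'Local Network/s' list for a split-tunnel server.

    Returns (push_lines, rejected); rejected is a list of (entry, reason).
    min_prefix is an assumed policy limit, not a pfSense setting.
    """
    tunnel = ipaddress.IPv4Network(tunnel_network)
    push_lines, rejected, seen = [], [], set()
    for raw in entries:
        try:
            # strict=True refuses entries with host bits set (e.g. x.x.x.10/24)
            net = ipaddress.IPv4Network(raw.strip(), strict=True)
        except ValueError as exc:
            rejected.append((raw, f"not valid CIDR: {exc}"))
            continue
        if net.prefixlen < min_prefix:
            # 0.0.0.0/0 or a wide block would pull unrelated traffic into the VPN
            rejected.append((raw, "too broad for a split tunnel"))
        elif net.overlaps(tunnel):
            rejected.append((raw, "overlaps the tunnel network"))
        elif net in seen:
            rejected.append((raw, "duplicate"))
        else:
            seen.add(net)
            push_lines.append(f'push "route {net.network_address} {net.netmask}"')
    return push_lines, rejected


# Constructed sample list: the thread's example address plus made-up entries.
SAMPLE = [
    "188.8.131.52/32",
    "203.0.113.10/32",
    "0.0.0.0/0",
    "203.0.113.10/24",
    "10.0.8.0/24",
    "203.0.113.10/32",
]

if __name__ == "__main__":
    routes, bad = split_tunnel_routes(SAMPLE, "10.0.8.0/24")
    print("\n".join(routes))
    for entry, reason in bad:
        print(f"rejected {entry}: {reason}")
```

Only the accepted networks need to be reachable through the outbound NAT rule described above; everything else from the client keeps using its local gateway.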