<![CDATA[Policy Based Routing]]>Just created a couple of NordVPN OpenVPN tunnels and set up a Gateway group.

Am I correct in stating my non VPN routed networks needs to be set up like this:-

0_1549021752698_Screenshot 2019-02-01 at 11.42.54.png

Where h_ip_local = my local subnets excluding the Nord routed network.

0_1549021827444_Screenshot 2019-02-01 at 11.47.30.png

Everything seems to be working fine, first go at multi WAN & policy based routing :)

]]>https://forum.netgate.com/topic/140192/policy-based-routingRSS for NodeThu, 12 Mar 2026 00:54:51 GMTFri, 01 Feb 2019 11:51:29 GMT60<![CDATA[Reply to Policy Based Routing on Sat, 02 Feb 2019 20:47:19 GMT]]>You essentially have two choices when dealing with an OpenVPN provider "WAN."

  1. DO NOT check Don't pull routes in the OpenVPN client configuration and policy route the traffic you DO NOT WANT to go over the VPN.

  2. DO check Don't pull routes in the OpenVPN client configuration and policy route the traffic you DO WANT to go over the VPN.

I generally prefer option 2 but that presents problems if you do not understand the ramifications of the fact that connections originating FROM THE FIREWALL ITSELF cannot easily be policy routed.

]]>https://forum.netgate.com/post/821845https://forum.netgate.com/post/821845Sat, 02 Feb 2019 20:47:19 GMT