Policy Based Routing
-
Just created a couple of NordVPN OpenVPN tunnels and set up a Gateway group.
Am I correct in stating my non-VPN routed networks need to be set up like this:-
Where h_ip_local = my local subnets excluding the Nord routed network.
Everything seems to be working fine, first go at multi WAN & policy based routing :)
-
You essentially have two choices when dealing with an OpenVPN provider "WAN."
1. DO NOT check "Don't pull routes" in the OpenVPN client configuration and policy route the traffic you DO NOT WANT to go over the VPN.
2. DO check "Don't pull routes" in the OpenVPN client configuration and policy route the traffic you DO WANT to go over the VPN.
I generally prefer option 2 but that presents problems if you do not understand the ramifications of the fact that connections originating FROM THE FIREWALL ITSELF cannot easily be policy routed.
-
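The two options from the reply above, as an added example that is not part of the original thread and is not pfSense code: a simplified model of which gateway a new connection leaves by, including connections from the firewall itself. The subnets, gateway names, and the assumption that the provider pushes `redirect-gateway def1` style routes are constructed for illustration.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the thread).
WAN_GW, VPN_GW = "WAN_GW", "VPN_GROUP"
LAN_DIRECT = "192.168.10.0/24"   # hosts that should bypass the VPN
LAN_TUNNEL = "192.168.20.0/24"   # hosts that should use the VPN
# Assumed: routes the provider pushes when routes are pulled.
VPN_PUSHED = ["0.0.0.0/1", "128.0.0.0/1"]

def routing_table(pull_routes):
    """System routing table: WAN default plus, if pulled, the provider's routes."""
    table = [(ipaddress.ip_network("0.0.0.0/0"), WAN_GW)]
    if pull_routes:
        table += [(ipaddress.ip_network(n), VPN_GW) for n in VPN_PUSHED]
    return table

def lookup(table, dst):
    """Longest-prefix match over the routing table."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, gw) for net, gw in table if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def egress(src, dst, pull_routes, policy_rules, from_firewall=False):
    """Return the gateway used for a new connection.

    policy_rules: ordered (source_network, gateway) pairs on the LAN
    interface, first match wins. Traffic that originates on the firewall
    never arrives on LAN, so those rules are skipped and only the
    routing table decides.
    """
    if not from_firewall:
        for net, gw in policy_rules:
            if ipaddress.ip_address(src) in ipaddress.ip_network(net):
                return gw
    return lookup(routing_table(pull_routes), dst)

# Option 1: pull routes, policy route what must NOT use the VPN.
OPTION_1 = dict(pull_routes=True, policy_rules=[(LAN_DIRECT, WAN_GW)])
# Option 2: don't pull routes, policy route what MUST use the VPN.
OPTION_2 = dict(pull_routes=False, policy_rules=[(LAN_TUNNEL, VPN_GW)])

if __name__ == "__main__":
    for name, opt in (("option 1", OPTION_1), ("option 2", OPTION_2)):
        for src, fw in (("192.168.10.5", False), ("192.168.20.5", False),
                        ("198.51.100.2", True)):
            who = "firewall" if fw else src
            print(name, who, "->", egress(src, "203.0.113.9", from_firewall=fw, **opt))
```

Under both options the LAN hosts leave by the intended gateway; the difference is the firewall's own traffic, which follows the VPN under option 1 and the WAN default under option 2.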