<![CDATA[pfSense as remote client to VPN Host WAN Problem]]>Followed this guide.
https://www.youtube.com/watch?v=lp3mtR4j3Lw

Setup:
Site A: pfSense WAN_VPN Client Interface
Site B: pfSense VPN Host Server (Remote Access)

Issue: Clients connected to the WAN_VPN get directed to Site B as desired but the other clients lose WAN. If I disable interface, WAN returns.

WAN_VPN Client Detail:
Bars the server from adding routes to the client's routing table [checked]
Advanced: redirect-gateway def1;

System->Routing->WAN is Default

I worked around it by setting applicable firewall rules on LAN to use the Advanced->Gateway->WAN but there must be a different solution. Why would the default gateway WAN not be used? How can I debug this? Thanks!

]]>https://forum.netgate.com/topic/144619/pfsense-as-remote-client-to-vpn-host-wan-problemRSS for NodeSat, 06 Jun 2026 11:31:58 GMTTue, 02 Jul 2019 17:04:42 GMT60<![CDATA[Reply to pfSense as remote client to VPN Host WAN Problem on Tue, 02 Jul 2019 18:36:52 GMT]]>@Rico Clients connected to the WAN_VPN get directed to Site B as desired but the other clients lose WAN. If I disable interface, WAN returns.

I worked around it by setting applicable firewall rules on LAN to use the Advanced->Gateway->WAN but there must be a different solution. Why would the default gateway WAN not be used?

]]>https://forum.netgate.com/post/851342https://forum.netgate.com/post/851342Tue, 02 Jul 2019 18:36:52 GMT<![CDATA[Reply to pfSense as remote client to VPN Host WAN Problem on Tue, 02 Jul 2019 18:30:43 GMT]]>You can Policy Route traffic back and forth like you want just with Firewall Rules. I'm 99% sure @jimp covered this in one of the hangouts I've already linked you.
But DON'T setup any crazy stuff like Remote Access VPN and use it for a site to site.

-Rico

]]>https://forum.netgate.com/post/851341https://forum.netgate.com/post/851341Tue, 02 Jul 2019 18:30:43 GMT<![CDATA[Reply to pfSense as remote client to VPN Host WAN Problem on Tue, 02 Jul 2019 18:25:09 GMT]]>I already have Site-to-Site and that was easy. What this does is route all traffic from a specific subnet in Site A to WAN of Site B - just like a Privacy VPN.

]]>https://forum.netgate.com/post/851340https://forum.netgate.com/post/851340Tue, 02 Jul 2019 18:25:09 GMT<![CDATA[Reply to pfSense as remote client to VPN Host WAN Problem on Tue, 02 Jul 2019 18:22:34 GMT]]>So you want to connect two Sites with OpenVPN?
You followed the wrong guide then... generally speaking OpenVPN as a WAN is used to tunnel all traffic through some VPN provider.
Setup one Site as OpenVPN Server in Peer to Peer (SSL/TLS) or Peer to Peer (Shared Key) mode and connect the other Site as OpenVPN Client in the same mode.
Here you have the matching Video hangouts:
https://www.netgate.com/resources/videos/site-to-site-vpns-on-pfsense.html
https://www.netgate.com/resources/videos/advanced-openvpn-on-pfsense-24.html

-Rico

]]>https://forum.netgate.com/post/851337https://forum.netgate.com/post/851337Tue, 02 Jul 2019 18:22:34 GMT