Netgate Discussion Forum

    Bypass openVPN with static route

      WisceBIat

      Hello,

      Currently have two pfSense instances installed on Proxmox as virtual machines. My main instance of pfSense is using two physical NICs: WAN connected to my ISP's router/modem and LAN for the rest of my virtual machines in Proxmox.

      My second instance of pfSense has its WAN port connected to the LAN port of the first pfSense instance, and the LAN port is for a subnet of virtual machines. I've essentially followed the instructions below on the second pfSense instance to make my subnet of VMs use the OpenVPN connection at all times.

      Quick rundown of that guide:
      1- Handle all the certificate stuff and establish the OpenVPN connection
      2- Create an interface
      3- Create an alias pointing to the LAN VM subnet
      4- Enable manual outbound NAT -> Modify the mappings to use the expressvpn interface created earlier
      5- Create a firewall rule to route all traffic from the alias created earlier to the EXPRESSVPN_DHCP default gateway

      Now all my virtual machines on that second subnet are working through that OpenVPN tunnel. This is great!

      Now I want to be able to access the Proxmox server sitting on the subnet of the first pfSense instance from my virtual machines on the OpenVPN subnet. How do I go about doing this? Is it possible while the VPN tunnel is activated in pfSense? I was thinking I need to create some sort of static routes that will route any traffic if it's intended for the other subnet where Proxmox is sitting.
