Netgate Discussion Forum

    All traffic vs Remote Session Only

    OpenVPN
    • Optimus Prime

      In the pfSense router, I can successfully route all traffic from my iPhone, but seem unable to tell it to only route to the home resources (file explorer, Remote Desktop) leaving web browsing through iPhone gateway.

      Thoughts? If I edit the OpenVPN server after successfully routing all traffic, what changes need to be made to only route traffic for the local home resources?

      I just set up my pfSense box, and now I’m no longer using the OpenVPN implementation from my Orbi router. I have successfully set up a connection which routes all traffic through OpenVPN on my pfSense router.

      That said, my Orbi router had an interesting setting - it would allow me to route all traffic through the VPN or just the data from the remote session. This is fine when using my iPhone. I don’t need to route my web browsing, just my access to the local home resources.

      • viragomann

        Routing only traffic for destinations on the remote site over the VPN is the default setting if you go through the OpenVPN setup wizard. But obviously you have checked "Redirect Gateway".

        If you want to change that behaviour, go to the server settings and remove the check from "Redirect Gateway" and enter your local networks into the "Local Network/s" box, IPv4 and/or IPv6.

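Added example, not part of the thread or of pfSense's own code: a Python check of the difference the answer above describes, assuming the "Redirect Gateway" checkbox corresponds to a pushed `redirect-gateway` option and the "Local Network/s" entries to pushed `route` / `route-ipv6` options in the OpenVPN server config. The two sample configs, their ports and networks, and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample server configs (not taken from the thread).
FULL_TUNNEL = '''lport 1194
server 10.0.8.0 255.255.255.0
push "redirect-gateway def1"
'''
SPLIT_TUNNEL = '''lport 1195
server 10.0.9.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
push "route-ipv6 fd00:1234::/64"
'''
PUSH_RE = re.compile(r'^push\s+"([^"]+)"')

def audit(config_text):
    """Return tunnel mode, listening port and the networks pushed to clients."""
    result = {"mode": "split", "port": None, "routes": []}
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and padding
        if not line:
            continue
        words = line.split()
        if words[0] in ("port", "lport") and len(words) > 1:
            result["port"] = int(words[1])
        match = PUSH_RE.match(line)
        if not match:
            continue
        opt = match.group(1).split()
        if opt[0] == "redirect-gateway":      # client default route goes into the VPN
            result["mode"] = "full"
        elif opt[0] == "route" and len(opt) >= 3:
            result["routes"].append(ipaddress.ip_network(f"{opt[1]}/{opt[2]}"))
        elif opt[0] == "route-ipv6" and len(opt) >= 2:
            result["routes"].append(ipaddress.ip_network(opt[1]))
    return result

def via_vpn(result, destination):
    """True if a client would send traffic for `destination` into the tunnel."""
    if result["mode"] == "full":
        return True
    addr = ipaddress.ip_address(destination)
    return any(addr in net for net in result["routes"])

def port_conflicts(results):
    """Ports claimed by more than one server instance (a copied server needs its own)."""
    ports = [r["port"] for r in results]
    return sorted({p for p in ports if ports.count(p) > 1})
```

With the split-tunnel config, only the pushed home networks go through the VPN, so a public-IP check from the phone shows the phone's own gateway rather than the home connection.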
        • Optimus Prime

          Thank you. That's what I thought...I made a separate server for testing...I must have messed something up. When I make the changes in the original server, my connections are once again working. I was able to confirm using WhatsMyIp.

          Thanks for the feedback.

          • Optimus Prime

            I think I figured out the problem. When I copy the original VPN server to create the second instance to not route all traffic, I have to change the listening port.

            When I change the listening port, I then also have to duplicate the firewall rule.

            But, when I duplicate the firewall rule, it will not let me assign the new port value. I have to re-create the rule from scratch. Not hard at all.

            So new question - in the dropdown selection for the service ports, there is a port pre-labeled for the original OpenVPN instance. Since I've created a new server with different settings, is there a way in the GUI to add to the pre-populated list of service ports?

            ports.png

            Also - are there tag attributes I can add to make pictures smaller in my posts?

            • viragomann

              The service names here are just for info based on the standard ports.
              If you need to allow a non-standard port, just select "other" and enter the desired port next to the drop-down.

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.