How to pass one IP from client thru server side gateway?


  • Hello all.
    I've been struggling to find a solution which will allow me to pass one (or more) private IPs from my client side (A) pfSense via PTP link to the server side (B) and allow the traffic to flow out the public gateway on the server side (B).
    I have no problem passing traffic from A to B subnets and I can add the "redirect-gateway" rule... but of course that caveat passes all traffic from A to B.

    To address this in other words... I have a TV @-A running an app that will only run while connected to the public network @-B.
    The other PIA is that the TV ONLY accepts DHCP addressing; no static settings allowed.
    I toyed with DHCP rules applied to the MAC address to try to bind to a secondary gateway address within the subnet, but no dice.
    I do need the TV to access the local subnet address range as well, so I am hoping to use a gateway solution to allow for normal traffic flow.

    Any ideas?


  • @beui
    You can do that with a policy routing rule.

    You have to assign an interface to the OpenVPN instance at A if you haven't done that already.
    Add all your internal destinations or networks the TV needs to access, or possibly all RFC 1918 networks, to an alias.
    Then add a pass rule to the interface the TV is connected to; at destination, check "invert" and enter the alias, then expand the advanced options, go to gateway and select the OpenVPN gateway from the drop-down.
    Put this rule to the top of the rule set so that it is applied before checking the others for local traffic.
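
Added example, not part of the thread and not pfSense code: a small Python model of top-down, first-match rule evaluation that shows why the inverted RFC 1918 alias keeps local traffic local and why the policy rule must sit above the default allow rule. The TV address, the gateway name `OPENVPN_GW`, the rule names and restricting the rule's source to the TV are all assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample values (assumptions, not taken from the thread).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
TV = ipaddress.ip_address("192.168.10.50")

@dataclass
class Rule:
    name: str
    source: object      # an ip_address, or None for "any"
    dest_alias: object  # list of networks, or None for "any"
    invert: bool        # the "invert" checkbox on the destination
    gateway: str        # "default" means: follow the routing table

    def matches(self, src, dst):
        if self.source is not None and src != self.source:
            return False
        if self.dest_alias is None:
            return True
        in_alias = any(dst in net for net in self.dest_alias)
        # With invert set, the rule matches only destinations NOT in the alias.
        return in_alias != self.invert

def egress(rules, src, dst):
    """Gateway chosen by the first matching pass rule, evaluated top-down."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in rules:
        if rule.matches(src, dst):
            return rule.gateway
    return "blocked"  # no pass rule matched

POLICY = Rule("TV to non-local via VPN", TV, RFC1918, True, "OPENVPN_GW")
ALLOW_LAN = Rule("Default allow LAN to any", None, None, False, "default")

CORRECT_ORDER = [POLICY, ALLOW_LAN]  # policy rule at the top
WRONG_ORDER = [ALLOW_LAN, POLICY]    # policy rule shadowed by the allow rule

if __name__ == "__main__":
    for label, rules in (("correct", CORRECT_ORDER), ("wrong", WRONG_ORDER)):
        for dst in ("203.0.113.8", "192.168.10.20"):
            print(label, "TV ->", dst, "via", egress(rules, TV, dst))
```
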