Netgate Discussion Forum

    Remote Access VPN Server: Routing non-LAN traffic?

      oguruma
      last edited by oguruma

      I have a remote access OpenVPN server set up. It works as intended.

      I need it mainly to access files on the file server. About 5 or so users total.

      What I would like to do is have client general internet traffic not pushed through the VPN.

      Since my lab only has a 100/10 connection, it's probably not ideal to push people's YouTube streaming/general web browsing/gaming through that connection....

      Is there a way to route traffic that's not a resource on the network to not go through the tunnel?

        viragomann @oguruma
        last edited by viragomann

        @oguruma
        In the OpenVPN server settings, remove the check at "redirect gateway"; instead, enter the networks which the clients should be able to access into the "Local networks" box. If it's only that one server, you can enter a single IP with a /32 mask.

        Since the clients can, apart from this, route anything over the VPN on their own, it's good advice to restrict your firewall rules accordingly. Instead of allowing access to any destination on the OpenVPN interface, limit it to your needs.

        Also, you might have an Outbound NAT rule for the OpenVPN tunnel network (possibly added automatically by the wizard and removed again by unchecking "redirect gateway"), which you can remove if no WAN outbound is desired from VPN clients.

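The two checks from the answer above, as an added example that is not part of the thread or of pfSense: it reads an OpenVPN server config to see whether the tunnel is still a full tunnel and which networks are pushed, then flags firewall destinations on the OpenVPN interface that are wider than those networks. It assumes the "redirect gateway" checkbox and the "Local networks" box end up as OpenVPN's `push "redirect-gateway ..."` and `push "route ..."` directives; the sample config, the destination list and the function names are constructed for illustration, and only IPv4 is handled.

```python
import ipaddress
import re

# Constructed sample of an OpenVPN server config (not taken from the thread).
SAMPLE_CONF = '''
dev ovpns1
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "route 192.168.10.5 255.255.255.255"
push "route 192.168.20.0 255.255.255.0"
'''

# Matches active push directives only; lines commented out with # or ; are skipped.
PUSH_RE = re.compile(r'^\s*push\s+"([^"]+)"', re.M)


def audit_config(conf):
    """Return (full_tunnel, pushed_networks) for an OpenVPN server config."""
    full_tunnel, nets = False, []
    for opt in PUSH_RE.findall(conf):
        words = opt.split()
        if not words:
            continue
        if words[0] == "redirect-gateway":
            full_tunnel = True  # all client traffic is sent through the VPN
        elif words[0] == "route" and len(words) >= 2:
            # OpenVPN treats a route without a netmask as a single host.
            mask = words[2] if len(words) > 2 else "255.255.255.255"
            nets.append(ipaddress.ip_network(f"{words[1]}/{mask}", strict=False))
    return full_tunnel, nets


def overly_broad(rule_dests, pushed):
    """Return firewall destinations that are not inside any pushed network.

    rule_dests is a hypothetical list of destination strings ("any" or CIDR)
    copied from the pass rules on the OpenVPN interface.
    """
    flagged = []
    for dest in rule_dests:
        if dest == "any":
            flagged.append(dest)
            continue
        net = ipaddress.ip_network(dest, strict=False)
        if not any(net.subnet_of(p) for p in pushed):
            flagged.append(dest)
    return flagged
```

A destination flagged here is reachable by any client that adds its own route, regardless of what the server pushes.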