Routing to internal gateway

  • Hi to all,

    I have a problem configuring pfSense: I have installed pfSense and configured users to use it to access the Internet.
    For a specific destination (a specific host: X.X.X.X), users must pass through a VPN device which is in the same local network as the users and pfSense.
    I have tried to make a static route in order to tell pfSense to route all traffic destined for host X.X.X.X to the VPN device, but when I run a traceroute all traffic passes through pfSense to the Internet.
    The only solution is to add a manual route on all users' PCs in order to send traffic directly to the VPN and not use pfSense.

    Can pfsense do it?

    Thank you

  • Does the VPN route work if you do add a static route to a PC?
    What ports are you trying to use on this specific host? Are you using Squid?

  • Thank you for your reply.
    Yes, if I add a static route on each PC, the VPN route works correctly.
    I'm not using Squid, I have a basic installation.
    This is what I'm trying to do:
    Internet --------- pfSense --------- LAN (PC + VPN gateway)
    I'm trying to tell pfSense to re-route every request from the LAN destined for a specific IP to the VPN gateway (to use a VPN tunnel).
    Is it possible with pfSense without making a static route on each host?

  • Certainly that should work.
    On your static route, ensure you have the LAN interface selected and are using a /32 if your destination network is just a single host.

    Are there any restrictions on your VPN Gateway for which internal hosts it will accept connections from? Is the pfSense blocked?

  • It works!
    I have to check 'Bypass firewall rules for traffic on the same interface' on System->Advanced
    That means that some rules are missing in the firewall. Using this option they're not needed.

    Thank you!
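
The two setups discussed in this thread (a manual route on each PC versus a /32 static route on pfSense) can be compared with a small route-lookup model. This is an added example, not code from any poster or from pfSense. All addresses, the "ISP" next-hop label and the function names are constructed for illustration. The `hairpin` flag marks traffic that enters and leaves the firewall on the same interface, which is the case the 'Bypass firewall rules for traffic on the same interface' option applies to.

```python
import ipaddress

# Constructed sample addressing (assumption; the thread gives no addresses).
PFSENSE_LAN_IP = "192.168.1.1"
VPN_GATEWAY = "192.168.1.254"
TARGET_HOST = "203.0.113.10"   # stands in for X.X.X.X

# Route entries: (prefix, next_hop, outgoing_interface)
PC_DEFAULT = [("0.0.0.0/0", PFSENSE_LAN_IP, "eth0")]
PC_MANUAL = PC_DEFAULT + [(TARGET_HOST + "/32", VPN_GATEWAY, "eth0")]
FW_NO_STATIC = [("0.0.0.0/0", "ISP", "WAN")]
FW_STATIC = FW_NO_STATIC + [(TARGET_HOST + "/32", VPN_GATEWAY, "LAN")]


def lookup(table, dst):
    """Longest-prefix match: the most specific matching route wins."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in ipaddress.ip_network(r[0])]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)


def trace(pc_routes, fw_routes, dst):
    """Return (hops, hairpin) for a packet sent by a LAN PC to dst.

    hairpin is True when pfSense receives the packet on LAN and its own
    routing table sends it back out LAN (same interface in and out).
    """
    _, next_hop, _ = lookup(pc_routes, dst)
    hops = [next_hop]
    hairpin = False
    if next_hop == PFSENSE_LAN_IP:
        _, fw_hop, out_if = lookup(fw_routes, dst)
        hops.append(fw_hop)
        hairpin = out_if == "LAN"
    return hops, hairpin


if __name__ == "__main__":
    cases = {
        "manual route on PC": (PC_MANUAL, FW_STATIC),
        "static route on pfSense": (PC_DEFAULT, FW_STATIC),
        "no static route anywhere": (PC_DEFAULT, FW_NO_STATIC),
    }
    for name, (pc, fw) in cases.items():
        print(name, trace(pc, fw, TARGET_HOST))
```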

