Routing certain client traffic through VPN
-
Hello,
I have been reading up on the process to route certain websites through the VPN for clients working remotely. I have created an alias with the IPs for the given website and then created a rule that will route traffic from the VPN source going to the alias destination through our gateway.
What I am not clear about is the last part I see mentioned about "don't pull routes" on the client configuration. Some more background on our existing setup - currently there is nothing in the clients section of our openvpn config.
Is this required in order for the rule to work? I don't want to impact any of the other vpn configuration if possible. A lot of it was set up prior to my taking over the role and I am not exactly an expert in this area.
I have not tested the rule so far, just set it up as disabled.
-
@ngforumsmt said in Routing certain client traffic through VPN:
I have created an alias with the IPs for the given website and then created a rule that will route traffic from the VPN source going to the alias destination through our gateway.
If this is the default gateway it is not necessary to state it.
The clients tab is for configuring OpenVPN clients, so that pfSense connects to a remote server.
This might not be, what you're looking for.Did you check "Redirect gateway" in the concerned server settings? Or do you want to just route these certain IPs over the VPN.
If just a view IPs you have to add them to the "Local networks" in CIDR notation (with /32 mask).In any case, ensure that there is an outbound NAT rule on WAN for the OpenVPN tunnel network.
-
@viragomann I see. Yeah I can't seem to find a more specific set of instructions.
Basically we just want anyone who is connected to VPN to route traffic over the VPN when going to a specific site, which we have the IPs for added into an alias.
I did not change anything on the server settings because I am not 100% sure on the steps and this is in production.