PfSense -> StrongVPN, don't push me!


  • First, I don't know jack about OpenVPN but I've learned a fair bit in the past few hours.

    Trying to setup pfSense with a connection to StrongVPN, found some nice guide here:

    http://forum.pfsense.org/index.php?topic=29944.0

    The guide works, I can get all traffic routing over the VPN.  But I don't want that :-(

    Any time I connect to StrongVPN two new routes are put in pfSense that direct all traffic over the VPN leaving my default gateway unused.

    The guide suggests to use this: redirect-gateway def1;

    That redirects all traffic over the VPN, however even with that not in the configuration the new routing is stuck in there, I think the setting is still being pushed from the StronVPN server.

    Anyone know how to do selective routing and/or not have the default gateway bypassed?


  • not have the default gateway bypassed:

    route-nopull
    

    you would be better off leaving it as is, and using firewall rules to force specific traffic over the default gateway when you want it.
    this will give you an idea on how to do it;
    http://forum.pfsense.org/index.php/topic,29944.msg183345.html#msg183345


  • @geyser:

    First, I don't know jack about OpenVPN but I've learned a fair bit in the past few hours.

    Trying to setup pfSense with a connection to StrongVPN, found some nice guide here:

    http://forum.pfsense.org/index.php?topic=29944.0

    The guide works, I can get all traffic routing over the VPN.  But I don't want that :-(

    Any time I connect to StrongVPN two new routes are put in pfSense that direct all traffic over the VPN leaving my default gateway unused.

    The guide suggests to use this: redirect-gateway def1;

    That redirects all traffic over the VPN, however even with that not in the configuration the new routing is stuck in there, I think the setting is still being pushed from the StronVPN server.

    Anyone know how to do selective routing and/or not have the default gateway bypassed?

    Can I ask, what openvpn setup are you using w/ StrongVPN - ie, what encryption levels etc.

    Thanks,
    Brian