VPN routing internet traffic

  • Hi there,

    I've set up 2 x pfSense CARP failover, both attached to a DSL modem.

    I've also created an IPSEC VPN so clients can access the network from Macs/iPhones etc.

    This all works well with the exception of a routing problem. Namely, when connected to the VPN, all internet traffic is routed via the VPN connection. I know this to be true as, other than slowing it down, if I go to www.whatismyip.com (or equivalent) it shows the IP address of the VPN site.

    Is it possible to configure IPSEC to tell clients to use the VPN for that network traffic only and continue to use their LAN for internet traffic?


  • Rebel Alliance Developer Netgate

    That would depend on your IPsec client setup. For mobile clients, it's up to the client to decide what to send over the VPN. You can try the option to "provide a list of networks" to the client, but I'm not sure if that's seen/obeyed by iOS clients.

  • Thanks. I tried that before posting and it made my VPN inaccessible. After giving it another go and rebooting everything in between it's worked though. ;D

