Netgate Discussion Forum

    Route all traffic via VPN

    • makbet

      This is really giving me a headache now. I tried to mess around with static routes, port forwarding etc. and couldn't get it to work.
      I guess now I need some bulletproof guide.

      I need to be able to route all traffic on LAN2 via my VPN connection.

      Below is a screenshot of my interfaces

      As you can see, the VPN connection is up and running. When I connect to my VPN server directly from my computer, everything works great. I can go to whatismyip.org or any other website and I will see the VPN server's IP instead of my real one, so I want to achieve exactly the same for all computers in LAN2.

      Now you can have a look at screenshot of my routes

      The VPN server is Debian with OpenVPN on it, and the config is as follows:

      
      port 1194
      proto udp
      dev tun
      ca ca.crt
      cert local.crt
      key local.key
      dh dh2048.pem
      server 10.8.0.0 255.255.255.0
      ifconfig-pool-persist ipp.txt
      client-config-dir ccd
      route 10.8.0.0 255.255.255.0
      push "dhcp-option DNS 8.8.8.8"
      push "dhcp-option DNS 8.8.4.4"
      keepalive 10 120
      comp-lzo
      persist-key
      persist-tun
      verb 3
      
      

      I've tried it with the push "redirect-gateway def1" option and I was losing internet connectivity.
      Funny thing is that when I log on to the pfSense shell I can ping 10.8.0.10 as well as 10.8.0.1.
      From computers within LAN2 I can ping only 10.8.0.10.

      Right now I am completely clueless, so I hope some of you can help me out.

      • makbet

        A little bit of progress, thanks to a post I just found here.

        Right now, computers from LAN2 can ping 10.8.0.1.
        I only needed to add the rule for OpenVPN; however, I'm still not able to route all the traffic via the VPN connection.

        • Metu69salemi

          What if you create a firewall rule with a gateway setting?
          This was again one of those shot-in-the-dark kinds of advice.. ;)

          • georgeman

            You have a problem with the default gateway for the LAN2 network. Try to manually set it as the OpenVPN one and let's see… Do you want to always route all traffic through the VPN, or only if it is up?

            Now, I really don't know how pfSense behaves as an OpenVPN client (I just use it as a server). There must be an option to specify what to do with the traffic. Otherwise, I guess you could just set up some gateway failover between WAN and OpenVPN.

            Cheers!

            If it ain't broke, you haven't tampered enough with it
