4. Route all traffic via VPN

Route all traffic via VPN

  • M

    This really brings me headache now. I tried to mess around with static routes, port forwarding etc. and couldn't get it to work.
    I guess now i need some bulletproof guide.

    I need to be able to route all traffic on LAN2 via my VPN connection

    Below is a screenshot of my interfaces

    AS you can see VPN connection is up and running. When I will connect to my VPN server directly from my computer, everything works great. I can go to whatismyip.org or any other website and I will see VPN server's IP instead of my real one, so I want to achieve exactly the same for all computers in LAN2.

    Now you can have a look at screenshot of my routes

    The vpn server is a debian with OpenVPN on it and the config is as following:

    
port 1194
proto udp
dev tun
ca ca.crt
cert local.crt
key local.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-config-dir ccd
route 10.8.0.0 255.255.255.0
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
comp-lzo
persist-key
persist-tun
verb 3

    I've tried it with push "redirect-gateway def1" option and I was loosing internet connectivity.
    Funny thing is that when i logon to pfsense shell I can ping 10.8.0.10 as well as 10.8.0.1
    From computers within LAN2 i can ping only 10.8.0.10

    Right now I am completely clueless, so I hope some of you can help me out.

    0
  • M

    little bit of progress, thanks to some post i just found here

    Right now, computers from LAN2 can ping 10.8.0.1
    I only needed to add the rule for openvpn, however I'm still not able to route all the traffic via vpn connection

    0
  • M

    What if you create firewall rule with gateway setting?
    This was again one of those shot in the dark kind of advices.. ;)

    0
  • G

    You have a problem with the default gateway for the LAN2 network. Try to manually set it as the OpenVPN one and let's see… Do you want to always route all traffic through the VPN, or only if it is up?

    Now, I really don't know about how pfSense behaves as an OpenVPN client (I just use it as a server). There must be an option to specify what to do with the traffic. Otherwise, I guess you could just setup some gateway failover between WAN an OpenVPN.

    Cheers!

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy