Firewall rule to ensure that traffic from pfSense uses a specific gateway



  • Hi All,

    Just wondering if anyone can help me.

    I've got two OpenVPN connections, one to a London VPN and the other to the Netherlands.
    I've already got my rules set up so that most of my traffic goes to the London VPN, but my media server uses the Netherlands.

    However, if I run curl ifconfig.me/ip from a terminal prompt on the pfSense box, it returns the London VPN IP address.
    Similarly, when I run traceroute, it's using the London gateway.

    I really need the router to use the Netherlands gateway, as it supports port forwarding via a script that you run to assign a port.
    If the source IP when the script is run is from the London gateway, you simply get an error saying that this gateway doesn't support forwarding.

    I realise that I could probably just reverse the order of the VPNs in the configuration list, and it would probably work (as it's connecting to the Netherlands first).
    However, I'd really like to do this with rules.

    I've tried creating a firewall rule which says that traffic from the router IP (192.168.0.1) should go through the Netherlands gateway, but this doesn't work.
    I've already got this working with another machine on my LAN (192.168.0.20), which uses the Netherlands gateway just fine.
    I'm thinking there is something special about the router IP address, such that firewall rules don't apply to it.

    Any help would be much appreciated.

    Thanks,

    Andy.






  • Andy:

    Can you post your routing table?



  • I've a similar problem. Since rel. 2.1, pfSense bypasses the rules for the traffic generated by the router. This problem affects squid and any service you have in the router.

