Policy based routing

JohnP_SHA · Jun 28, 2014, 2:57 AM

Hi there,

I am running a pfSense firewall since a few weeks with great success I got great throughput through OpenVPN tunnels. I live in China and not only blocked websites is an issue but also speed limitations. I have guaranteed pings and speeds to outside of china which is great for the tunnel. However just as out of china internet is usually slow it is also slow into china from outside into china, so some sites I can't open through the tunnel.

The idea was policy based routing I installed pfBlocker which generates and updates a list of chinese ip address ranges and saves it as alias. I added a rule that sets gateway for those ips that match the list. However whatever I set all traffic always gets routed through the tunnel. Any Idea what I could be doing wrong?

Once I solved this I'd actually add a tunnel for Americas to US West Coast and Taiwan for Asia to speed up things even more…

Thank you very much for help

Chris

timthetortoise · Jun 30, 2014, 3:08 PM

You will also have to set up advanced outbound NAT for the IP ranges you want to be directed to the alternate gateway.