Can't get off VPN?



  • After getting Express-VPN working (with nice throughput from their Montreal server, btw), I can't get off of it.

    All traffic now routes through the VPN, but I need to differentiate.

    How can I route only designated traffic from LAN to the VPN?

    • Only traffic from an Alias (list of hosts) should send and receive traffic to/from VPN

    • All other LAN clients should route over the default WAN

    I tried the rules below with the intention to

    • allow all alias traffic

    • block all other LAN traffic from the VPN

    which resulted in a total lockout until I disabled the FW with pfctl -d.

    Pulling my hair :-X, any advice?
    Thanks!



  • Had the same problem with mine before my box crashed (now can't get it back working).
    Change the first firewall rule from DEFAULT GATEWAY to the GW-WAN... that will get ALL the traffic off the tunnel, but the tunnel will stay up and working... then peck, peck your way through the other.

    Now as to the rest, if I can get mine back up and working, I believe that we will have to set up some kind of routes for the VPN and burn a firewall rule in for EACH device you want out the tunnel (by IP, name, etc.).

    P.S. Back up your config.xml file with your working configuration BEFORE you start tweaking!!! That way if you break it all... you can restore the working configuration... trust me, I know.

    Haven't worked on mine lately... too much holiday...
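
Added example, not part of either post above: the split described in the thread (hosts in an alias leave through the VPN gateway, every other LAN client leaves through GW-WAN), written as a raw pf ruleset of the kind `pfctl` loads. Interface names, addresses and table contents are assumed placeholders, and outbound NAT on the VPN interface is assumed to be in place already.

```pf
# Constructed example: every name and address below is a placeholder.
lan_if = "em1"           # LAN interface (assumed)
wan_if = "em0"           # WAN interface (assumed)
wan_gw = "203.0.113.1"   # the GW-WAN gateway from the thread (address assumed)
vpn_if = "ovpnc1"        # OpenVPN client interface (assumed)
vpn_gw = "10.8.0.1"      # gateway on the far side of the tunnel (assumed)

# The alias: only these LAN hosts should use the tunnel.
table <vpn_hosts> { 192.168.1.50, 192.168.1.51 }

# Evaluation is first match wins because every rule uses "quick",
# so the order of the three rules matters.

# 1. Traffic addressed to the firewall itself (GUI, SSH, DNS) is passed
#    without any gateway override, so a mistake further down cannot cut
#    off management access from the LAN.
pass in quick on $lan_if inet from $lan_if:network to ($lan_if) keep state

# 2. Hosts in the alias are policy-routed to the VPN gateway.
pass in quick on $lan_if route-to ($vpn_if $vpn_gw) inet \
    from <vpn_hosts> to any keep state

# 3. All remaining LAN clients are pinned to the WAN gateway explicitly
#    instead of following the system default route, which the VPN client
#    may have replaced.
pass in quick on $lan_if route-to ($wan_if $wan_gw) inet \
    from $lan_if:network to any keep state
```

No block rule is needed for the non-alias hosts: rule 3 already sends them out the WAN, so they never reach the tunnel.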