How to bypass VPN for 1 LAN IP?



  • Currently I have my pfSense router set up to route all LAN traffic through OpenVPN (PIA) per: http://www.bodenzord.com/archives/324

    I would like to allow my desktop to bypass the VPN and keep everything else flowing through the VPN.

    I have found similar posts by using Google, but nothing I have found has worked. The closest post I've found related to my problem is https://forum.pfsense.org/index.php?topic=58630.0 and I've tried to follow jimp's suggestion by creating this LAN rule:

    But I still have no luck getting that single IP to bypass the VPN.

    Any suggestions and feedback are greatly appreciated.



  • Ironically, I'm having the same problem exactly. Didn't catch it during my new post.

    I can get it so the device I want to exclude gets the proper WAN IP from my ISP, but the service I ultimately need to work via port forwarding does not.

    I'll follow up if I can get it working.

    https://forum.pfsense.org/index.php?topic=79591.0



  • I actually do the same exact thing with PIA.

    You must use a firewall rule, as you have already.

    But you also must use an Outbound NAT rule: go to Firewall -> NAT -> Outbound, switch this to manual, and add a rule at the top, as shown below:

    But instead of a subnet, put a single IP address in (your desktop).