Single client all through tunnel - which IP range?

  • Hi!

    I have a site-to-site OpenVPN tunnel (peer to peer, shared key, UDP, tun), all up and running, and I can reach the remote subnets from both sides.

    Now I wanted to force the whole traffic for one IP ( on the client side ( to go through the tunnel and I added under Advanced configuration on the client side:


    I added an outbound NAT rule to the WAN interface.

    Subsequently I got some states and the route was established (I had firewall rules for OpenVPN any to any on both sides), but I could not reach anything, neither on the other side of the tunnel nor on the internet.

    Is it possible to route a single IP from a larger subnet through the tunnel, as I have 2 routes, one for the net (standard gateway) and one for the (openvpn)?

    Do I need a completely different subnet for the client to be routed completely through the tunnel?

    Many thanks in advance…