Openvpn to one inside ip-address

peehoo

Hi!

This might be stupid answer but would it be anyhow possible to force all traffic from one ip-address (internal) to my-express-vpn service?

I have read that it is possible to use pfsense as a vpn-client but it is impossible to force all my internal computers to use that vpn-service. Basicly I only wanted that my OpenElec xbmc is using that one. Is this question understable?

jimp

Assign the OpenVPN interface from Interfaces > (assign)  – check around the forum for details.

Once assigned and properly enabled/configured you get a gateway to use for policy routing, then you can match that one client in a rule and use the VPN gateway for that one user's traffic.

meluvalli

Hello.  I have read a number of forums that say to do this…  However, every time I try to assign and interface to the VPN, it breaks the VPN :(.

As soon as I click "enable" on the opt1 VPN interface, the VPN appears to connect, but neither side can ping each other anymore....

Any clue why?

jimp

That is normal. After assign/enable/apply you must edit/save the VPN to restart it, then it is fine.

meluvalli

WOW!  I think I tried everything except that :)  LOL!!!  THANK YOU SO MUCH!  That fixed it :)  Now to go looking at more forums to allow users to come in on external IP from site A and it point to an internal site B machine!  :)

Thanks again!!!

peehoo

Sorry I am NOOB… Is it any way to help me more... I need "barb wire" to guide me... ::)