Openvpn to one inside ip-address



  • Hi!

    This might be stupid answer but would it be anyhow possible to force all traffic from one ip-address (internal) to my-express-vpn service?

    I have read that it is possible to use pfsense as a vpn-client but it is impossible to force all my internal computers to use that vpn-service. Basicly I only wanted that my OpenElec xbmc is using that one. Is this question understable?


  • Rebel Alliance Developer Netgate

    Assign the OpenVPN interface from Interfaces > (assign)  – check around the forum for details.

    Once assigned and properly enabled/configured you get a gateway to use for policy routing, then you can match that one client in a rule and use the VPN gateway for that one user's traffic.



  • Hello.  I have read a number of forums that say to do this…  However, every time I try to assign and interface to the VPN, it breaks the VPN :(.

    As soon as I click "enable" on the opt1 VPN interface, the VPN appears to connect, but neither side can ping each other anymore....

    Any clue why?


  • Rebel Alliance Developer Netgate

    That is normal. After assign/enable/apply you must edit/save the VPN to restart it, then it is fine.



  • WOW!  I think I tried everything except that :)  LOL!!!  THANK YOU SO MUCH!  That fixed it :)  Now to go looking at more forums to allow users to come in on external IP from site A and it point to an internal site B machine!  :)

    Thanks again!!!



  • Sorry I am NOOB… Is it any way to help me more... I need "barb wire" to guide me... ::)


Log in to reply