  • So I use pfSense as my default gateway, but I have a hardware VPN client at and need to route all traffic from specific IPs say to that gateway. I just have no idea how to do it. I tried creating a new gateway in System > Routing > Gateways pointing to, then creating a LAN firewall rule set to allow all with the new gateway, but this does not seem to work.

    I am testing by going to a "what's my IP" webpage. If I manually change my computer's gateway to 254 it shows the VPN IP.

    Any help would be great!

  • This firewall rule… is it higher up in the list than the "Default allow LAN to any" rule?

    I've set up something similar, but with an OpenVPN client running on my pfSense box. I have a computer that is directed out the VPN connection, while everything else is going out via my normal ISP connection. My LAN rule set is something like:

    1. Source -, Dest. - Any, GW - VPN
    2. Source - LAN Net, Dest. - Any, GW - Default

    Remember that packets will be processed against the rules from the top down.

    That's going to be problematic because you'd need to route traffic out the same interface it came in on.

    If you have, say: pfSense LAN Host VPN device

    If you set the default gateway on to, then make a rule on LAN sending traffic from to it's going to get weird.

    Why not just set the default gateway of the host to if that's how you want it to behave anyway?  Then there's almost no possibility of leakage.

    What does the VPN device do that pfSense can't do itself?

