VPN with non-default gateway



  • I'm attempting to set up a PIA VPN by using the AirVPN setup instructions at the following URL.

    https://airvpn.org/topic/11245-how-to-set-up-pfsense-21-for-airvpn/

    I got pretty much everything working how I want it except for the firewall default gateway rule. I have multiple interfaces and rules for each interface. When I change a firewall rule for a LAN interface from the 'default' gateway to "WAN_DHCP", it works for traffic that goes outside the firewall, but I can't use things internal to the firewall. So, for example:

    I have an ssh rule from 10.0.112.5 to 10.0.110.3.  When I set it to 'default', things work fine.  If I change it to "WAN_DHCP", I can no longer ssh from 112.5 to 110.3.

    How bad is it if you don't set the gateway away from default?


  • Perhaps start by reading this: https://forum.pfsense.org/index.php?topic=76015.0



  • Thanks for the information. I saw that and kind of flip-flopped between the two instructions. I think what's happening is that when I choose the "WAN_DHCP" gateway, it routes it out of the WAN_DHCP gateway, which is fine, but when it's an internal machine, if it goes out the WAN_DHCP gateway, then I would have to add a firewall rule to allow it from the WAN address instead of the subnet to subnet address.

    With it selected to 'default', I get the impression that pfSense just routes it from one subnet to another, without going out of the WAN interface.
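
Added example, not part of the original posts and not pfSense code: a simplified Python model of first-match rule evaluation. It shows why a rule with an explicit gateway sends the 10.0.112.5 to 10.0.110.3 SSH traffic toward WAN_DHCP, and how a 'default'-gateway rule for local destinations placed above it keeps that traffic on the firewall. The /24 masks, the interface names LAN and OPT1, and the external test address are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    src: str                        # source CIDR
    dst: str                        # destination CIDR, or "any"
    gateway: Optional[str] = None   # None models the 'default' gateway setting

def _match(cidr: str, ip: str) -> bool:
    return cidr == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)

# Constructed directly connected networks (masks and interface names assumed).
CONNECTED = {"10.0.110.0/24": "OPT1", "10.0.112.0/24": "LAN"}

def egress(rules, src: str, dst: str) -> str:
    """Return where the first matching pass rule sends the packet."""
    for rule in rules:
        if _match(rule.src, src) and _match(rule.dst, dst):
            if rule.gateway:
                # Policy routing: the packet is forced to this gateway and
                # the routing table (connected subnets included) is skipped.
                return rule.gateway
            for net, ifname in CONNECTED.items():
                if _match(net, dst):
                    return ifname      # normal routing between local subnets
            return "default route"
    return "blocked"                   # no pass rule matched

# One rule with the gateway set: local traffic is pushed out the WAN too.
policy_only = [Rule("10.0.112.0/24", "any", gateway="WAN_DHCP")]

# Local destinations matched first with the 'default' gateway, then the
# policy-routed rule for everything else.
local_first = [
    Rule("10.0.112.0/24", "10.0.110.0/24"),
    Rule("10.0.112.0/24", "any", gateway="WAN_DHCP"),
]

if __name__ == "__main__":
    for name, rules in (("policy_only", policy_only), ("local_first", local_first)):
        print(name, egress(rules, "10.0.112.5", "10.0.110.3"),
              egress(rules, "10.0.112.5", "203.0.113.10"))
```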

