Deny bypassing the OpenVPN tunnel?

  • Hi,

    I have the following scenario at the moment:


    == means VPN tunnel
    pfSense box is configured as the VPN client, the server acts as the gateway to the internet

    When I disable the tunnel by shutting down the server, the clients (pc1-3) access the internet through the pfSense WAN interface. Thus they are bypassing the VPN tunnel.
    I tried a few rules, but I can't block the packets without harming the complete output including the VPN packets.

    tunnel is
    LAN clients are

    I tried blocking ANY from LAN where destination IS NOT
    It didn't work, as the destinations are still WAN addresses in the packets and only the gateway is, I guess.
    Should I try to manipulate the static routes?

