Local connection ok, remote not

  • I'm fairly sure I know the issue; I'm just looking for the best method to correct it.

    I have my pfSense box behind my router (for… reasons). It's running an OpenVPN client and server at the same time. LAN rules are set up to direct all LAN traffic to OpenVPN (PureVPN). My Tomato router controls the gateway addresses for clients I want to have VPN access.
    The server works fine locally, but when I try to connect remotely it won't respond to clients (incoming seems to be ok). I suspect the outgoing packets are being directed through my VPN rather than back to the client over the WAN connection.

    What is the best way to set up the rules so that LAN traffic in goes to VPN, but anything originating from the OpenVPN server goes to WAN? I fear I'd be opening up my box to some scary security problems if I add very general rules for all WAN traffic.


  • Figured it out. I needed to add a static route to my router so the VPN packets would reach the pfSense machine rather than bounce harmlessly off the gateway.

