Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Access internal VPN, but also keep access of work LAN. Split VPN?

    Scheduled Pinned Locked Moved OpenVPN
    6 Posts 4 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dkshaw
      last edited by

      This is hard to describe, but I am curious if its possible (and how) to be able to remote into my OpenVPN server that I have set up, but then also be still able to access the internal sites that I have on my remote computer.

      Another way of putting this is that at work I have the public IP of 123.456.789.10. At home my internal IP is 192.168.1.1 and when I VPN in I have it set for 192.168.2.1.

      When I VPN in I can access my internal LAN just fine, but my computer at work takes on the public IP at my house. It works the way it should.

      What I ideally want is to be able at work to still have my public work IP so that I can access work mapped drives and intranet sites, but at the same time be able to remote into my computer at home using VNC (port 5900) or other home internal sites.

      Is it possible to split a VPN client station up like that so that I can tunnel only VNC traffic from the VPN, but keep outside traffic from going to the VPN also? Almost like a split VPN.

      Sorry if that's confusing. It's hard to explain!

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        If it is as hard to explain, draw a map of your situation and what you're trying to achieve.
        Where is your VPN server? At work? At home? Where is the client? …  ???

        1 Reply Last reply Reply Quote 0
        • D
          dkshaw
          last edited by

          I'd say the locations are pretty simple to explain. I am running pfsense at home and have OpenVPN setup on it. The client is running at work.

          Right now when I connect all my traffic is going through to the VPN. I'd like to split that up if possible.

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            Well don't send your client default route then, and only send the routes that are at your home..

            This way it uses the vpn to get to networks that are at your home, and then its normal routing to get to anything else, like the internet, etc.

            I do this all the time I am always connected to my home vpn while at work.. But I only route my home networks through the vpn.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.7.2, 24.11

            1 Reply Last reply Reply Quote 0
            • M
              marvosa
              last edited by

              What you're going for is called a split tunnel.  At some point during your setup, you clicked this box, which is why all your traffic is being routed down the tunnel:

              All you have to do is uncheck it and make sure your home LAN is entered in the "IPv4 Local Network/s" section.

              1 Reply Last reply Reply Quote 0
              • D
                dkshaw
                last edited by

                That was it! Thanks @marvosa. All is working beautifully now.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.