Question on how to route some traffic over WAN and everything else over VPN



  • I've decided to start using a VPN (AirVPN) for all of my home network traffic which works great, but unfortunately I find all of my pings over the VPN have roughly doubled.  For web traffic (and just about everything else) this doesn't really matter, but for some of my games pings can be very important.

    I was wondering if it is at all possible to route traffic that uses certain ports to bypass the VPN gateway and use the default WAN gateway.  Specifically, I wanted to route all of the traffic from World of Warcraft, which uses port 3724, over the WAN gateway.

    If there is a better / easier way to accomplish this, I'm all ears!  This is just what made sense to my admittedly poor networking abilities.

    Thanks!



  • If you haven't done so already:
    - assign an interface to your VPN
    - check the route_no_pull checkbox in your VPN settings.

    pfSense should create a new gateway for the vpn_interface automagically.

    Now use policy routing in your LAN firewall rules to direct the desired traffic to either gateway (https://doc.pfsense.org/index.php/What_is_policy_routing).



  • Ok, so I've got the VPN working and routing all traffic without a hitch.  That at least was the easy part.

    This is what I have at the moment, but it doesn't seem to work how I expect it to - which in this case I'm trying to force all https traffic from an internal IP to use the PIA gateway.  But whenever I go to a website it shows my normal IP and not my VPN IP.

    As usual, I have a feeling I'm missing some key idea or process - or something blindingly obvious.



  • You moved the rule up so that it's above any other rule that might push it out your default gateway? Have you reset states before trying?


  • Your source ports won't be 443. Look at the text there.



  • Awesome, thanks guys!

    Not sure if it was the state tables (holy hell, thanks for that - wish I'd known about it earlier) or trying to filter the wrong ports, but it works like a charm now!
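
An added example, not part of the thread and not pfSense code: a small Python model of first-match rule evaluation with a state table, showing the three points raised in the replies above (rule order, stale states, and matching on the destination port rather than the source port). The addresses, the ephemeral port 51514, and the gateway names WAN_GW and VPN_GW are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int   # clients pick an ephemeral source port, not 443
    dst_ip: str
    dst_port: int


@dataclass(frozen=True)
class Rule:
    gateway: str                     # gateway used when this rule matches
    src_ip: Optional[str] = None     # None means "any"
    src_port: Optional[int] = None
    dst_port: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (self.src_ip in (None, p.src_ip)
                and self.src_port in (None, p.src_port)
                and self.dst_port in (None, p.dst_port))


class Firewall:
    """Simplified model: first matching rule wins, established flows skip the rules."""

    def __init__(self, rules):
        self.rules = list(rules)
        self.states = {}             # flow -> gateway chosen when the flow started

    def route(self, p: Packet) -> str:
        if p in self.states:         # existing state: rule changes are not seen
            return self.states[p]
        gw = next((r.gateway for r in self.rules if r.matches(p)), "BLOCK")
        if gw != "BLOCK":
            self.states[p] = gw
        return gw

    def reset_states(self) -> None:
        self.states.clear()


HOST = "192.168.1.50"                                        # constructed LAN client
HTTPS = Packet(HOST, 51514, "203.0.113.10", 443)             # constructed flow
DEFAULT = Rule(gateway="WAN_GW")                             # catch-all LAN rule
WRONG = Rule(gateway="VPN_GW", src_ip=HOST, src_port=443)    # never matches a client
FIXED = Rule(gateway="VPN_GW", src_ip=HOST, dst_port=443)    # matches HTTPS requests

if __name__ == "__main__":
    for name, rules in [("src port 443", [WRONG, DEFAULT]),
                        ("below default", [DEFAULT, FIXED]),
                        ("dst port 443, on top", [FIXED, DEFAULT])]:
        print(f"{name:22} -> {Firewall(rules).route(HTTPS)}")
```
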

