pfSense English Support > OpenVPN

VPN client setup advise

(1/2) > >>


I bought a 4xNic aes-ni mini pc with pfsense  to replace my home router.
The main reason i want to replace my home router is to setup an openvpn client ( Expressvpn). Is it possible to select the ip's which will be using the VPN tunnel? Or is it only possible to exclude the ones not using the VPN tunnel?



This can be done by policy routing in pfSense.

You have to set up your vpn client with "don't pull routes" checked to avoid to get pushed the default route and assign an interface to the vpn client instance.
Then you can select the gateway (vpn or wan) in the firewall rules advanced options, which is permitting the upstream traffic.

Ok....and does "assign an interface" mean assign to a physical ethernet port?
I ask this because if so, I have to change the physical location of the pfsense box I had in mind.

No, you just have to assign an virtual interface in pfSense which is needed to route the traffic.

Ensure that the vpn connection is up.
Go to Interfaces > Assignments, aside "available network ports" select the OpenVPN instance (e.g. ovpnc1; you will also find the description here you have entered on the clients settings tab), hit "Add". Then open the interface config by clicking on the name, check enable and set a meaningful name and save the settings, not further configuration to make here.

Sorry i'm not so familiar with virtual interfaces.
I bought a (still on its way) Qotom box with 4 ethernet ports and pfSense pre-installed: WAN,LAN,OPT1,OPT2
Now I want to bridge OPT1 and OPT2 and LAN because I need those ports physically in my home network.
Once I bridged the 3 ethernet ports, it is still possible to create a virtual interface for the VPN tunnel?

I this article it looks like OPT1 physically is assigned to a network port:


[0] Message Index

[#] Next page

Go to full version