Hi, a while ago I successfully manage to setup a VPN connect on pfSense. I was a great success as it took me a while to get it working. I followed the guide here: https://www.expressvpn.com/support/vpn-setup/pfsense-with-expressvpn-openvpn/#additional.
I have a wired network on 192.168.0.0 where I have my desktop and other wired devices. Then i have a wireless network 192.168.1.0 where a access point is connected to the pfSense router. Now, with time, I've realised that its not very flexible in that I'm having to manually disable rules etc. to get things working and then re-activate them to switch usage. I want to make things a but more flexible without losing functionality. In the above guide, under "Additional steps to route WAN through tunnel", where you create the firewall rule to route the traffic from the created alias (192.168.0.0/24) through the VPN tunnel, this rule works well when I want to route traffic from my desktop (on the 192.168.0.0 network) to the internet, whether through the VPN or through normal ISP. However, this is preventing me from pinging my mobile phones on the 192.168.1.0 network. In fact, as soon as I disable the alias rule above, I can ping my mobiles but then I can't browser the internet from my desktop on the 192.168.0.0 network. This is leading me to having to disable/re-enable the rule everytime I have to swith between having to reach my mobile or having to reach the internet from the desktop. This alias is not stopping me from pinging the desktop from my mobile. I guess the tutorial was set up non-complex usage in mind. But how can i make this a but more flexible so that internt traffic can go down the VPN and local traffic between different LANs are not affected? I hope I've explained my problem well enough. Many thanks -- Respect your privacy and that of others, don't give your data to big corporations. Use alternatives like Signal (https://whispersystems.org/) for your messaging or Diaspora* (https://joindiaspora.com/) for your social networking. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold