Policy Routing Certain Traffic Through an OpenVPN Client Connection
The pfSense® firewall software contains all the tools necessary to accomplish this task. This writeup was developed using version 2.2.4 amd64.
This article assumes a working pfSense firewall and a straightforward requirement: configuring the VPN. The reader will also need a text editor and the ability to copy and paste blocks of text from a text file into pfSense configuration screens. Familiarity with unzipping file archives will also be necessary.
This network diagram depicts the test environment in use:
The following tasks will be outlined:
- Creating a connection to VPNBook.
- Creating an OpenVPN assigned interface.
- Creating a policy route to send all traffic from Host A1 through the VPN.
- Adding a per-packet pf tag and necessary firewall rules to prevent any traffic originating from Host A1 from egressing the WAN if the VPN connection is down.