I have a VPN up and working on my pfsense box. All traffic goes through it, and is working great.
However, I only want traffic from ports 995-1000 (examples) to go over the VPN, and let all other port traffic go through my ISP’s IP.
What settings do I need to configure to make this happen? Is it port forwarding, firewall, NAT? I keep making changes and it seems I just keep switching it where all traffic goes to either one.
Also, how can I best check that the programs I am using are in fact operating over the VPN while the rest is going over ISP?
TIA
I don’t know pfsense, but I’ll be setting one up soon. However, I do know a bit about firewalls and networking in general. Seems you could set up port forwarding to another interface from the LAN side and use that interface for VPN traffic only. I’m pretty sure I could make it work in a FortiGate.
I am pretty sure this can be done through outbound nat rules and just add that port.
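What that reply amounts to, written out as the kind of pf rules pfSense generates from a LAN firewall rule with the VPN gateway selected plus an outbound NAT rule on the VPN interface. This is a constructed example, not from the thread or from pfSense itself; the interface names, addresses and the 995-1000 port range are assumptions.

```pf
# Constructed example: policy routing a port range into the tunnel.
# Assumed names: em0 = LAN, em1 = WAN, ovpnc1 = OpenVPN client interface,
# 10.8.0.1 = VPN-side gateway, 192.168.1.0/24 = LAN network.
lan       = "em0"
wan       = "em1"
vpn       = "ovpnc1"
lan_net   = "192.168.1.0/24"
vpn_gw    = "10.8.0.1"
vpn_ports = "995:1000"

# Outbound NAT on both egress paths; the VPN interface needs its own rule,
# otherwise traffic routed into the tunnel leaves with an un-NATed LAN source.
nat on $vpn from $lan_net to any -> ($vpn)
nat on $wan from $lan_net to any -> ($wan)

# Policy route: only the selected ports are forced through the tunnel.
# "quick" and rule order matter: this must sit above the general pass rule,
# exactly as the rule order on the LAN tab matters in the pfSense GUI.
pass in quick on $lan route-to ($vpn $vpn_gw) inet proto { tcp udp } \
    from $lan_net to any port $vpn_ports keep state

# Everything else follows the normal routing table, i.e. the ISP default route.
pass in quick on $lan inet from $lan_net to any keep state
```

This only does what you want if the OpenVPN client is not also installing a default route, which is what "Don't pull routes" prevents. To verify per program, watch the tunnel interface with `tcpdump -ni ovpnc1 port 995` (or list states with `pfctl -ss`) and confirm that only the chosen ports appear there while other connections show up on the WAN interface.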
Seems you could set up port forwarding to another interface from the LAN side and use that interface for VPN traffic only.
That’s kind of what this would be doing. Pfsense has a virtual interface for VPN traffic, and it’s bound to the WAN port. I need traffic to only go to the virtual interface if it’s certain ports, and then to the WAN interface proper for all other traffic. I get it in concept, it’s just a matter of implementing it in pfsense and then validating it.
I’d also prefer not to have to add a NIC anywhere.
Thanks though.
I’ll try that out on its own. I think I only tried that in combination with some other NAT or firewall changes, so maybe I jacked something up. Thanks.
Btw I noticed if I toggle “don’t pull routes” in my OpenVPN settings it basically just switches between ISP and VPN for all traffic lol.
Not sure how you would do it without adding an interface, but route all LAN to int1, then set up a transit network between int1 and WAN, with port forwarding turned on int1 → intVPN.