Setting up PIA on pfSense & configuring rules to run traffic to specific sites from inside the LAN through the VPN

From Da Nerd Mage Wiki
Revision as of 09:00, 12 August 2025 by Tinker
  1. Setting up PIA on pfSense
    • pfSense 2.6.0 (OpenVPN Setup): https://helpdesk.privateinternetaccess.com/guides/routers/pfsense/pfsense-2-6-0-openvpn-setup
    • It's long & involved... But those instructions get it working.
    • & passing ALL traffic through PIA
  2. Firewall rules to route only traffic with specific sites through PIA
    • NOTE: Apparently, "if you have a dead interface it won't let you create a new one" (more research needed...)
    1. Interfaces / Assignments
      • Add the vpn as an interface
      • Save & Apply
      • Interfaces / OPT1
        • rename it to VPN
        • enable it
        • Save & Apply
      • Reboot the pfSense server
    2. System / Routing / Gateways
      • Ensure that VPN_VPNV4 shows up
      • Change Default gateway IPv4 to your original WAN_DHCP gateway
      • Save & Apply
    3. Firewall / Rules / LAN
      • Edit the "Default allow LAN to any rule"
      • Scroll down to Extra Options & click Display Advanced
      • Change Gateway to "WAN_DHCP..." (Your original WAN)
        • Note: you could also use a gateway group. i.e.: a failover group
      • Save & Apply
    4. Firewall / Aliases / IP
      • Click +ADD
      • Fill in Name with something useful
      • Type should be "Host(s)"
      • In the "IP or FQDN" field, put the IP or FQDN of the host you want routed through the VPN
      • Save & Apply
    5. Firewall / Rules / LAN
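      • Click the Add button with the upward arrow (this places the new rule at the top of the list, above the default allow rule, so it is matched first)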
      • Set Destination to "Single host or alias" and fill in Destination Address with the name of the alias you created above
      • Scroll down to Extra Options & click Display Advanced
      • Scroll further down & select "VPN_VPNV4..." for Gateway
      • Save & Apply
    6. Sit back & relax
      • At this point, traffic to the site you put in the alias goes through the VPN & everything else is handled normally.
      • You can either add more addresses to that alias or create more rules to expand on this.
      • In this screencap, the left browser shows the actual address of the machine & the right shows the PIA exit point in Tokyo. These are running concurrently on a single machine.
        W00t-w00t.png
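
Why the alias rule from step 5 has to sit above the default allow rule from step 3, as an added example that is not part of the original wiki page: a simplified Python model of top-down, first-match evaluation on the LAN tab, plus a check that flags a rule which can never match. The alias name VPN_SITES, the rule description "Alias via VPN" and the addresses are constructed placeholders; source, protocol and port matching are left out.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample alias (documentation address ranges, not real targets).
ALIASES = {"VPN_SITES": ["203.0.113.10", "198.51.100.0/24"]}

@dataclass
class Rule:
    descr: str
    dest: str      # "any" or the name of an alias from Firewall / Aliases
    gateway: str   # gateway chosen under Display Advanced

def dest_networks(rule):
    """Expand a rule destination into a list of IP networks."""
    if rule.dest == "any":
        return [ipaddress.ip_network("0.0.0.0/0")]
    return [ipaddress.ip_network(entry) for entry in ALIASES[rule.dest]]

def gateway_for(rules, dst_ip):
    """Return the gateway of the first rule (top-down) matching dst_ip."""
    ip = ipaddress.ip_address(dst_ip)
    for rule in rules:
        if any(ip in net for net in dest_networks(rule)):
            return rule.gateway
    return None  # no pass rule matched, so the traffic is not passed

def shadowed(rules):
    """Descriptions of rules whose destinations an earlier rule fully covers."""
    hits = []
    for i, rule in enumerate(rules):
        nets = dest_networks(rule)
        for earlier in rules[:i]:
            cover = dest_networks(earlier)
            if all(any(n.subnet_of(c) for c in cover) for n in nets):
                hits.append(rule.descr)
                break
    return hits

VPN_RULE = Rule("Alias via VPN", "VPN_SITES", "VPN_VPNV4")
DEFAULT = Rule("Default allow LAN to any rule", "any", "WAN_DHCP")

GOOD_ORDER = [VPN_RULE, DEFAULT]   # rule added with the upward-arrow button
BAD_ORDER = [DEFAULT, VPN_RULE]    # rule added below the default allow rule

if __name__ == "__main__":
    for name, rules in (("good", GOOD_ORDER), ("bad", BAD_ORDER)):
        print(name, gateway_for(rules, "203.0.113.10"), shadowed(rules))
```

With the rule below the default allow rule, traffic to the aliased host silently leaves through WAN_DHCP instead of the VPN, which is the case the shadow check reports.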