pfSense: How To Selectively Route Traffic Over WAN
February 27, 2016
As many streaming providers are moving towards blocking VPN providers from their services, you may need to selectively route some of your devices to bypass your VPN provider. In this guide I will show you how to selectively route internet traffic from specific IP addresses in your network over the WAN connection instead of VPN to avoid being blocked by these types of filters.
To start, set a static IP address on the device you wish to selectively route. In this example, my device’s static IP address is 192.168.1.80.
Step 1: Login to your pfSense firewall. Under the firewall tab, select “Aliases”
Step 2: Click the + icon to add a new Alias for your group of hosts that will bypass the VPN. Your alias configuration should look similar to this. Click “Save” when you are finished and apply the changes:
Step 3: Now that we have an alias created, we will now need to create a LAN Firewall rule to route all traffic from hosts specified in the alias over the WAN connection. Select the “LAN” tab, and click the plus sign to create a new firewall rule. Your firewall rule should look like this:
And most important of all, ensure to scroll down and click the “Advanced” button in the gateway setting and select your WAN interface. Save the setting and apply the configuration. Once saved, ensure to move this rule to the top. By doing this the VPN bypass takes precedence over your default “route any to VPN” rule.
Written By: Amardeep Juneja