I am using IPsec for a site-to-site connection with another location and OpenVPN (client mode) for the ProtonVPN service. I am also running an OpenVPN server on OPNsense.
Everything is working fine, except that when IPsec goes down, traffic from the ProtonVPN redirect alias group is not redirected to the ProtonVPN tunnel (it is stopped completely).
OpenVPN to the ProtonVPN server is up. From OPNsense I can ping any IP via the ProtonVPN tunnel. Nslookup from the redirect group is working.
nslookup whoami.akamai.net
gives me the ProtonVPN server's IP; it resolves any domain that I look up with nslookup.
ping opnsense.org
wget --spider opnsense.org (or any other domain or IP address)... is not working. traceroute stops at the first hop (OPNsense's IP).
My configuration is like the one in Matya's Blog > https://matya.blog/2017/05/08/using-protonvpn-on-pfsense/ in the "We decide ourself what to send via VPN" chapter.
I redirect only specific clients via VPN.
I am still on version 18.1.3.