OPNsense Forum

English Forums => Virtual private networks => Topic started by: snakeyes75 on July 27, 2025, 11:51:42 PM

Title: Stuck at Firewall Rules for Wireguard VPN
Post by: snakeyes75 on July 27, 2025, 11:51:42 PM
Hi all - I created a SurfShark WireGuard instance VPN. Everything from OPNsense to Surfshark is connected (the gateway shows up). I have 2 aliases created (IPTV list - has all the IPTV URLs, and Clients - has the IPs of clients that I want to connect to Surfshark). So I want to create firewall rules to push all traffic intended for the IPTV list to this VPN connection. So I figure that this would have to be an out rule?
Interface=LAN
Direction= out
destinations: IPTV List
gateway= Surfshark_GW

and the other rule would be an in rule?
Interface=Lan
source=clients
direction=in
destination=any
gateway=SurfShark_GW

But this does not seem to work; everything is still going over the WAN.
Title: Re: Stuck at Firewall Rules for Wireguard VPN
Post by: jahlives on July 28, 2025, 03:48:37 PM
Quote:
Interface=LAN
Direction= out
destinations: IPTV List
gateway= Surfshark_GW
If your intention is to re-route all outgoing traffic from LAN to the IPTV List via the VPN Gateway, then the direction should be in, as the packets are incoming for the firewall. Possibly you'll also need an outgoing NAT rule to replace the original LAN IP with the Surfshark IP of the firewall, to ensure proper symmetric routing.
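
The direction point in the reply above, as an added example that is not part of the thread and is not OPNsense code: a simplified first-match model of the two places a forwarded packet meets the rule set (in on the arrival interface, out on the egress interface). The addresses, the WG/WAN interface names, WAN_GW and the helper names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample values; the thread gives no addresses.
ALIASES = {"IPTV_List": ["203.0.113.0/24"]}
EGRESS_IF = {"WAN_GW": "WAN", "SurfShark_GW": "WG"}  # gateway -> interface

# The rule as quoted in the thread, and the same rule with direction "in".
RULE_OUT = {"interface": "LAN", "direction": "out", "source": "any",
            "destination": "IPTV_List", "gateway": "SurfShark_GW"}
RULE_IN = dict(RULE_OUT, direction="in")

def in_alias(ip, alias):
    """True if ip falls inside one of the alias's networks ("any" matches all)."""
    if alias == "any":
        return True
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(net) for net in ALIASES[alias])

def rule_matches(rule, pkt, iface, direction):
    return (rule["interface"] == iface and rule["direction"] == direction
            and in_alias(pkt["src"], rule["source"])
            and in_alias(pkt["dst"], rule["destination"]))

def first_match(rules, pkt, iface, direction):
    return next((r for r in rules if rule_matches(r, pkt, iface, direction)), None)

def chosen_gateway(pkt, rules, default_gw="WAN_GW"):
    """Gateway used for a packet a LAN client sends to the internet."""
    gw = default_gw
    # Hook 1: the packet arrives at the firewall on LAN, direction "in".
    hit = first_match(rules, pkt, "LAN", "in")
    if hit:
        gw = hit["gateway"]
    # Hook 2: it leaves on the interface of the chosen gateway, direction "out".
    # A LAN "out" rule is only consulted for packets leaving via LAN.
    hit = first_match(rules, pkt, EGRESS_IF[gw], "out")
    if hit:
        gw = hit["gateway"]
    return gw

if __name__ == "__main__":
    iptv = {"src": "192.168.1.50", "dst": "203.0.113.10"}   # constructed
    other = {"src": "192.168.1.50", "dst": "198.51.100.7"}  # constructed
    print(chosen_gateway(iptv, [RULE_OUT]))
    print(chosen_gateway(iptv, [RULE_IN]))
    print(chosen_gateway(other, [RULE_IN]))
```

The model covers rule direction only; the outgoing NAT rule mentioned in the reply is not modelled.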