Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: ryosh1 on May 28, 2026, 12:54:49 PM

Title: How to force OpenVPN traffic through an specific interface
Post by: ryosh1 on May 28, 2026, 12:54:49 PM
Hi Everyone!

I'm facing a problem that im unable to solve. As context, we have an OPNsense inside our network as a basic server with 2 interfaces, both with different IP and each interface goes to a switch that tags each with different VLANs.
The point is, as far as i know, the VPN traffic (outgoing from a client) has as origin the IP of the OPNsense and will get the VLAN of the interface where it goes through.
So i wanted to configure 2 VPNs, thats why i added the second interface and cable. The first VLAN has more priviledges than the second, so i wanted to get one VPN through the first VLAN and the second VPN through the second one, therefore the users would be matched with their "local" access even throught VPN.
The first VPN has been working fine for a while (using the VLAN with more access which is kinda bad), so i cloned the configuration, changed ports and i even tried binding the IP address to the new port, but it seems that the traffic goes whenever it wants and uses the OPNsense routing, so it won't go to the VLAN that i wanted.
Configuring traffic in Firewall > Rules using VPN network as origin doesnt seem to even match any traffic, so im a bit lost on how to proceed.
Thanks in advance to any answer.
Title: Re: How to force OpenVPN traffic through an specific interface
Post by: viragomann on May 28, 2026, 04:24:11 PM
Quote from: ryosh1 on May 28, 2026, 12:54:49 PMbut it seems that the traffic goes whenever it wants and uses the OPNsense routing
Exactly.
So add a static route for the server and point it to the desired gateway.
Title: Re: How to force OpenVPN traffic through an specific interface
Post by: ryosh1 on June 02, 2026, 08:11:44 AM
Quote from: viragomann on May 28, 2026, 04:24:11 PM
Quote from: ryosh1 on May 28, 2026, 12:54:49 PMbut it seems that the traffic goes whenever it wants and uses the OPNsense routing
Exactly.
So add a static route for the server and point it to the desired gateway.
But how exactly do you add a static route?
I mean, i see 2 ways of adding routing rules: The first one is via System > Routes > Configuration , which adds an static route but doesn't let you fix it to a network (the VPN).
The second one is using Firewall > Rules , but here i guess im doing something wrong, the rules aren't matching even if i do any to any from any (any everything).
Text only | Text with Images