Messages - Emi1999

#1
OK, so OPNsense is unable to create a bypass connection from one computer on the LAN to one IP address on the internet.

Is there any other option I can use, or is OPNsense not able to bypass the VPNClient connection at all?

#2
Thanks,
yes, both source and destination IP addresses in logs are correct.
#3
Thanks for the comment - I edited the original post and added "Inbound".
#4
This is an "IN" rule.

Edit: I just tried "OUT" instead of "IN" - this error appeared when saving the rule:

    The following input errors were detected:
    Policy based routing (gateway setting) is only supported on inbound rules.
#5
Hi all,

Environment

• OPNsense 20.7.8_4
• FreeBSD 12.1-RELEASE-p12-HBSD
• A few computers
• OpenVPN client to my VPN provider
• Edit: all traffic from LAN to Internet goes via the OpenVPN client.

Everything works perfectly.


Change

Suddenly I want to bypass the VPN for traffic from a single LAN computer to a single IP address on the internet (for this example it is 104.16.154.36 - whatismyipaddress.com).
Port: any.
Protocol: any.
I added a LAN rule (Edit: Firewall rule, Inbound)
My rule is called "DescZa" and (theoretically) should redirect desired traffic to my gateway IP GW_WAN.
I put the rule on top of other LAN rules.
Rule is active.
Rule's logging is set to "On".
See: https://imgur.com/a/snoU0rQ - image 1 - Rules


Problem

My rule is "ignored".
Instead, "Default allow LAN to any rule" is triggered, as it is always.
This rule is lower in the hierarchy of rules.
See: https://i.imgur.com/iponW5T.png - image 2 - Firewall logs


Question
What am I doing wrong?


Edit: I later tried adding "WAN" and "OpenVPN" interface rules by the same principle; it's always the same result - my rule is "ignored".

Thanks in advance
BR
Emi