OpenVPN rules for internet access

Started by atc, March 10, 2021, 12:27:05 PM

Hi, I'm new to OPNsense and I have an issue trying to get access to the outside world when using one of my VPNs.

I have 2 OpenVPN servers running; 1 for me with full network access and a second one for work that only has access to certain servers on the network. Everything works on VPN 1.

The rules on the OpenVPN firewall tab are as follows:

Protocol  Source       Source Port  Destination    Destination Port  Gateway  Schedule  Description
IPv4 *    10.0.9.0/24  *            10.0.9.1       *                 *        *         VPN2
IPv4 *    10.0.9.0/24  *            172.16.1.70    *                 *        *         VPN2
IPv4 *    10.0.9.0/24  *            This Firewall  *                 *        *         VPN2
IPv4 *    10.0.8.0/24  *            *              *                 *        *         VPN1


The only way I can access the internet when connected to VPN2 is if I have a rule for 10.0.9.0/24 with destination set to any. Is there a way around this? I have tried selecting individual interfaces to no avail.

Thanks

As I read those rules, you are allowing the VPN2 network to access only three destinations - none of which includes an internet IP. So not surprising you can't access the internet?

I want to let everything out to the internet. I've tried adding outbound rules to 'any' to no avail. As I said, the only way I get internet access is by adding a rule for VPN2 exactly the same as the VPN1 rule I have listed.

So define an Alias for all private (RFC1918) networks, and then create a fourth rule that allows all traffic that does NOT have a destination of that Alias (i.e. the destination is the Alias, but inverted).
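A small policy evaluator for the rule set in this thread, added here as an illustration and not part of the thread or of OPNsense itself: it models the VPN2 rules plus the suggested inverted RFC1918 rule and shows that internet destinations pass while other private networks (including VPN1's 10.0.8.0/24 and a LAN host) still fall through to the default deny, and it contrasts that with the destination-any rule the original poster tried. The alias contents are the standard RFC1918 blocks; the "This Firewall" rule is reduced to the tunnel gateway 10.0.9.1 because the thread lists no other firewall addresses, and first-match evaluation is an assumption that mirrors the usual "quick" behaviour.

```python
import ipaddress
from dataclasses import dataclass

# Alias of all RFC1918 ranges, as suggested in the final reply.
ALIASES = {
    "RFC1918": [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")],
}


@dataclass
class Rule:
    source: str                      # CIDR the rule matches on source
    destination: str                 # CIDR, alias name, or "any"
    invert_destination: bool = False # the "not" checkbox on the destination
    description: str = ""


def _dest_matches(rule, dst):
    """True when dst matches the rule's destination, honouring inversion."""
    if rule.destination == "any":
        hit = True
    elif rule.destination in ALIASES:
        hit = any(dst in net for net in ALIASES[rule.destination])
    else:
        hit = dst in ipaddress.ip_network(rule.destination, strict=False)
    return hit != rule.invert_destination


def evaluate(rules, src, dst):
    """Return the description of the first pass rule that matches, or None
    when nothing matches (the implicit default deny)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for rule in rules:
        if src in ipaddress.ip_network(rule.source, strict=False) \
                and _dest_matches(rule, dst):
            return rule.description
    return None


# Rule set from the thread plus the proposed fourth rule (constructed).
# "This Firewall" is represented by the tunnel gateway 10.0.9.1 only.
VPN2_RULES = [
    Rule("10.0.9.0/24", "10.0.9.1/32", description="VPN2 gateway"),
    Rule("10.0.9.0/24", "172.16.1.70/32", description="VPN2 work server"),
    Rule("10.0.9.0/24", "RFC1918", invert_destination=True,
         description="VPN2 internet"),
]

# The destination-any rule the original poster resorted to.
VPN2_ANY_RULE = [Rule("10.0.9.0/24", "any", description="VPN2 any")]
```

Running `evaluate(VPN2_RULES, "10.0.9.5", "192.168.1.10")` returns None while the same lookup against `VPN2_ANY_RULE` passes, which is exactly the LAN exposure the inverted alias rule avoids.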