Route OpenVPN Server Traffic Out of Different Gateway

[leacho73]

Hi All,

Is it possible to route OpenVPN traffic out of a different gateway other than the default one that is created when a connection is made? - etc 192.168.0.1 as the GW when connecting on a 192.168.0.x address?

I have tried assigning the OpenVPN interface and giving it an IP, but I can see how that wouldn't work with multiple servers, as you get ovpn1, 2 etc etc.

I'm trying to get NetFlow data out of OpenVPN connections, which I know isn't natively supported so I'm trying to send it through another collector, which requires routing it outside the OPNSense appliance.

Thanks
Leacho

[koushun]

I do not fully understand your question. But I think this is possible? Maybe this can get you started, these are from my notes from another project where I routed an entire subnet through a VPN connection:

Interfaces > Assignments. You will have multiple OpenVPN interface there??
Assign one interface which will be used as a gateway. After assignment, click the name of the interface (OPT5 or something similar).

• Enable Interface
  Description: WAN_OpenVPN
  Leave rest of the configuration as is. Click Save.
  
  Apply the changes.
  
  Go System > Gateways Click +Add gateway.
  
  Name: GW_WAN_OpenVPN
  Description: Access through WAN_OpenVPN?
  Interface: WAN_OpenVPN
  
  IP adress: xxx.xxx.xxx.xxx
  
  Check far gateway.
  Set rest to default.
  
  Click Save, Apply.
  
  Rules
  Go to Rules.
  
  Select the designated interface for your subnet / another OpenVPN server (??) which you would like to go out on internet through this WireGuard VPN.
  
  Add Rule.
  
  Allow any any IPv4, but be sure to select
  
  Gateway: GW_WAN_OpenVPN as your gateway under Advanced settings.
  
  Do not know if this helps, but good luck :)

[leacho73]

Ah this is perfect @koushun - I'll give it a go this weekend. I shall report back if this works as intended!

Thanks
Leacho