Selective VPN to specific sites

Started by deans20, July 14, 2023, 10:23:46 AM

July 14, 2023, 10:23:46 AM Last Edit: July 14, 2023, 11:10:45 AM by deans20
I am trying to route traffic destined for / from specific websites through VPN.

I followed this guide: https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

What I have set up:

1 - WireGuard with Mullvad.  The Status shows connected; handshake etc. look OK.

2 - WG interface: WireGuardInterface

3 - Gateway: WireGuard_GW1

4 - Aliases

Name: VPN_PublicIPs
Type: Hosts
Content: list of external IPs I want through VPN


5 - Firewall Floating Rules

Action: Pass
Interface: none selected
Direction: Out
TCP/IP: IPv4
Protocol: any
Source: WireGuardInterface address
Destination: WireGuardInterface net
Gateway: WireGuard_GW1


6 - Firewall LAN Rule

Action: Pass
Interface: LAN
Direction: In
TCP/IP: IPv4
Protocol: any
Source Invert: No
Source: any
Destination Invert: No
Destination: VPN_PublicIPs
Gateway: WireGuard_GW1


7 - Firewall NAT Outbound

Interface: WireGuardInterface
TCP/IP: IPv4
Protocol: any
Source: any
Destination: VPN_PublicHosts
Translation / target: Interface address


However, traffic does not seem to be going through the VPN.  Any ideas what I am doing wrong?


Additionally, as it wasn't working, I set up further LAN and NAT Outbound to direct any traffic from my laptop on 192.168.1.100 through the VPN.  This seems to send traffic through the VPN and the WAN, as can be seen in the Traffic Report.


Is this linked to the earlier issue?  Any idea why traffic is going through both Gateways?


Thank you for any guidance you can provide to try to get this working.