Multiple OpenVPN Client - Pass some traffic through one specific VPN

Started by fegauthier, February 06, 2020, 08:07:10 PM

Hi guys!

I currently have a working OPNsense system. I have an OpenVPN (Private Internet Access) client. All my traffic is forwarded to the VPN. Everything is fine from here. I want to add a second OpenVPN client. I want that every time the destination is nets 172.16.0.X / 172.16.1.X / 172.16.2.X, it is passed through the second VPN. Does anybody know how to achieve that?

Thanks!

Set up an Alias (under Firewall) with those IPs as a destination, you can list each one under Content, or set target and insert a range of IPs.  Then under Firewall > LAN, create a rule selecting the Alias under Destination, and the new OpenVPN as the Gateway.  Someone may have a better way, but this is the way I've set up other routing to either the VPN or WAN and it works for me.

Thanks for your reply! I don't want to specify a specific destination. I just want some IP or some interface to use the VPN and others to use WAN. If I put a rule on LAN with the gateway set to VPN, all my computers on the interface don't have internet access.

Quote from: fegauthier on February 07, 2020, 03:20:57 PM
Thanks for your reply! I don't want to specify a specific destination. I just want some IP or some interface to use the VPN and others to use WAN. If I put a rule on LAN with the gateway set to VPN, all my computers on the interface don't have internet access.
OK, so I guess I misunderstood the original post.  However, in order to direct internal devices to use VPN or WAN, you still have to set those as the Gateway under Firewall > Rules > LAN, and direct that specific device or Alias for multiple devices/addresses to use the Gateway that you want them to use.  Then the priority should also be set accordingly in the list of LAN rules, with the narrowest rule at the top, and the most broad rule (usually the automatically generated ones) at the bottom. 
Lastly, if your VPN Gateway doesn't have internet access, have you set up a NAT > Outbound configuration for the Interface?  If not, you'll need to, using either Hybrid or Manual, and setting up the VPN Interface with a NAT configuration (source: any, NAT address: x.x.x.x from your VPN provider).
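
The rule-ordering advice above, modelled as an added example (not part of the original posts and not OPNsense code): a first-match evaluation of a LAN rule list, plus a check for rules that an earlier, broader rule makes unreachable. The LAN subnet 192.168.1.0/24, the /24 reading of the 172.16.x.X nets, and the gateway names PIA_VPN, VPN2 and WAN are assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    src: str      # source network in CIDR form
    dst: str      # destination network in CIDR form
    gateway: str  # hypothetical gateway name

    def matches(self, src_ip, dst_ip):
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst))

    def covers(self, other):
        """True if every packet matching `other` also matches this rule."""
        return (ipaddress.ip_network(other.src).subnet_of(ipaddress.ip_network(self.src))
                and ipaddress.ip_network(other.dst).subnet_of(ipaddress.ip_network(self.dst)))

def pick_gateway(rules, src_ip, dst_ip, default="WAN"):
    """Evaluate top-down; the first matching rule decides the gateway."""
    for rule in rules:
        if rule.matches(src_ip, dst_ip):
            return rule.gateway
    return default

def shadowed(rules):
    """Names of rules that can never match because an earlier rule covers them."""
    return [r.name for i, r in enumerate(rules)
            if any(earlier.covers(r) for earlier in rules[:i])]

LAN = "192.168.1.0/24"  # assumed LAN subnet
VPN2_RULES = [Rule(f"to-172.16.{n}", LAN, f"172.16.{n}.0/24", "VPN2") for n in range(3)]
CATCH_ALL = Rule("everything-else", LAN, "0.0.0.0/0", "PIA_VPN")

GOOD_ORDER = VPN2_RULES + [CATCH_ALL]   # narrowest rules at the top
BAD_ORDER = [CATCH_ALL] + VPN2_RULES    # broad rule first hides the narrow ones

if __name__ == "__main__":
    for label, rules in (("narrow first", GOOD_ORDER), ("broad first", BAD_ORDER)):
        print(label,
              pick_gateway(rules, "192.168.1.50", "172.16.1.20"),
              pick_gateway(rules, "192.168.1.50", "8.8.8.8"),
              shadowed(rules))
```

With the broad rule on top, traffic to 172.16.1.20 leaves through the first VPN and all three narrow rules are reported as shadowed.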