I watched Lawrence’s video on how to set up pfsense OpenVPN Policy Routing With Kill Switch Using PIA / Private Internet Access: https://www.youtube.com/watch?v=TglViu6ctWE
I ran into one issue which is the moment I enable the OpenVPN Client I lose internet to ALL other interfaces and VLANS.
I have pfblocker installed and I applied the VPN client on just one VLAN (VLAN30) which is on LAN2
I also edited DHCP for VLAN30 and added DNS server 1.1.1.1 to bypass pfblocker and I was able to connect to the VPN server just fine.
The problem is that all other devices that are connected to LAN and also the ones connected to VLANS from LAN2 cannot access the internet. It sseems like a DNS issue or a firewall rule issue but I am not an expert.
I tried and manually changed the DNS server to LAN to bypass pfblocker just like I did for VLAN30 but it did not work.
The moment I disable the OpenVPN Client and restart the router everything goes back to normal.
Somewhere the DNS looks like the problem, you can try to access a site by its IP address then it’s url, that’s the easy way to see if the DNS resolution has failed or it’s something else (then most likely the firewall). It will be trial and error.
I use AirVPN and have set up the VPN vLAN to use the DNS Resolver with AirVPN DNS Servers. My other vLANs all use the DNS Forwarder with Cloudflare DNS servers.
Perhaps you can try something similar as I believe this also helps to keep all traffic in the VPN tunnel.
pfBlocker works on all my vLANs including my AirVPN, under Firewall > pfblocker > IP >
IP Interface / Rules Configuration the interfaces can be selected.
Hi @LTS_Tom
I tried to disable the kill switch rule and it did not help.
It is weird because I can ping 1.1.1.1 from pfsense (Diagnostic -> Ping) by selecting either the VPN_Prague or even LAN but there is no internet on any client that is connected to LAN or any other interface or VLAN until I disable VPN_Prague in pfsense from VPN -> OpenVPN and then reboot pfsense then everything goes back to normal.