VPN over OPT1 ethernet port only

Good Evening,

I thought I would reach out for some guidance on a setup I would like to try and build.

I have a Netgate sg-5100 and would like to set up a VPN to only run on the ethernet port OPT1 on the physical port IX0.

I work from home and would like to isolate my work environment from my personal machines.

Is there a way to isolate the device that is plugged into the OPT1, IX0 from the devices on the LAN, IGB1?

Also, the VPN I would like to run is not OpenVPN, but rather ExpressVPN, and I would like to run this VPN on the IX0 port and isolate it from other devices on the LAN.

I have found many guides and write-ups on how to establish ExpressVPN on pfSense; however, I cannot figure out how to create the particular use case I'm looking for.

Thank you in advance,
BlackBirdWilliams

It's pretty straightforward: you just need to set up the network that you wish to isolate, then set up your ExpressVPN connection, then set your gateway to exit out of the VPN instead of the ISP. You need to configure your rules such that they provide what you want.

I have a video on how to configure pfSense with separate firewall rules that would allow for network segmentation. You don't have to use VLANs; you can assign each segment to a port such as OPT1.

For the policy routing with a privacy VPN, I have a video here explaining how that works:
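The rule layout described in the reply above, as an added example that is not part of the original posts: a small Python model of pfSense's per-interface, first-match rule evaluation that checks OPT1 and LAN are isolated from each other and that OPT1's internet traffic is pinned to the VPN gateway. The subnets, the sample addresses and the gateway name `EXPRESSVPN_GW` are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed addressing; substitute your own subnets.
LAN_NET = ipaddress.ip_network("192.168.1.0/24")    # igb1
OPT1_NET = ipaddress.ip_network("192.168.20.0/24")  # ix0
ANY = ipaddress.ip_network("0.0.0.0/0")
VPN_GW = "EXPRESSVPN_GW"  # hypothetical gateway name

@dataclass(frozen=True)
class Rule:
    action: str                    # "pass" or "block"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    gateway: Optional[str] = None  # None = default routing table (ISP WAN)

# Rules are evaluated top-down on the interface where traffic enters;
# the first match wins.
RULES = {
    "OPT1": [
        Rule("block", OPT1_NET, LAN_NET),            # isolation rule goes first
        Rule("pass", OPT1_NET, ANY, gateway=VPN_GW),  # policy-route the rest
    ],
    "LAN": [
        Rule("block", LAN_NET, OPT1_NET),  # keep personal machines out of OPT1
        Rule("pass", LAN_NET, ANY),        # default allow LAN to any
    ],
}

def evaluate(iface, src, dst, rules=RULES):
    """Return (action, gateway) for a new connection arriving on iface."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules.get(iface, []):
        if s in r.src and d in r.dst:
            return r.action, r.gateway
    return "block", None  # no rule matched: implicit default deny

def audit(rules=RULES):
    """Check the properties asked for in the thread; return any failures."""
    findings = []
    if evaluate("OPT1", "192.168.20.10", "192.168.1.50", rules)[0] != "block":
        findings.append("OPT1 to LAN not blocked")
    if evaluate("LAN", "192.168.1.50", "192.168.20.10", rules)[0] != "block":
        findings.append("LAN can reach OPT1")
    if evaluate("OPT1", "192.168.20.10", "1.1.1.1", rules) != ("pass", VPN_GW):
        findings.append("OPT1 internet traffic not pinned to VPN gateway")
    return findings
```

Because the default LAN rule allows LAN to any destination, the block on the LAN tab is what stops personal machines from opening connections into the work segment; a block on OPT1 alone only covers one direction.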