Thanks for your reply Marian, That's exactly what I'm searching for (trying to do). Only the pakets for a specified Subnet should be routed thrue the VPN connection. All other should go directly to the internet.
Must this be done on client-side or is it possible to configure pfSense to send a "routing configuration" back to the client after authentication like it is done by OpenVPN? In case it must (can) only be done on client, does any one know how can I set this up on Android (without rooting the device)? Claudio Am 01.03.2013 19:41, schrieb OSN|Marian Fischer: > http://en.wikipedia.org/wiki/Split_tunneling > > > Am 13.02.13 14:30 schrieb "Claudio Thomas" unter <claudio.tho...@ezi.de>: > >> Hi, >> sorry for my rerequest. >> Is there a way to set up an IPsec connection without routing all the >> client-traffic thrue the pfSense router? >> In my case the client is setting a "route add 0.0.0.0 netmask 0.0.0.0 gw >> <ipsec-connection-ip>". >> Wished would be that the client only add a route "route add >> 192.168.150.0 netmask 255.255.255.0 gw <ipsec-connection-ip>". >> >> Best regards, >> Claudio >> >> Am 06.02.2013 11:25, schrieb Claudio Thomas: >>> Hi, >>> actually when connecting via IPSec from Client (A) to pfSense 2.02 (B) >>> all traffic from A is routed to B. >>> >>> Actual routing look like: >>> Client A pfSense B Network >>> 10.8.0.5/32 -----> 10.8.0.1/24 ----> 192.168.150.0/24 >>> | >>> +----------> Internet >>> >>> But the whiched routing is: >>> Client A pfSense B Network >>> 10.8.0.5/32 -----> 10.8.0.1/24 ----> 192.168.150.0/24 >>> | >>> +------------------------------> Internet >>> >>> What must I change on my pfSense Config, so that A only receives a route >>> to the Network behind B an not a default route (0.0.0.0/0)? >>> >>> Best regards, >>> Claudio >>> >>> >>> >>> _______________________________________________ >>> List mailing list >>> List@lists.pfsense.org >>> http://lists.pfsense.org/mailman/listinfo/list >> _______________________________________________ >> List mailing list >> List@lists.pfsense.org >> http://lists.pfsense.org/mailman/listinfo/list > _______________________________________________ > List mailing list > List@lists.pfsense.org > http://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
