On Thu, Nov 12, 2009 at 11:02 AM, Vick Khera <vi...@khera.org> wrote: > On Wed, Nov 11, 2009 at 11:23 PM, Chris Buechler <cbuech...@gmail.com> wrote: >> On Wed, Nov 11, 2009 at 3:29 PM, Vick Khera <vi...@khera.org> wrote: >>> I'm looking into some privacy VPN services like PublicVPN or >>> StrongVPN. They offer OpenVPN based tunneling from the desktop or >>> from your home router. >>> >> >> Not using either of them or anything like it personally, but you can >> do that. You can even set it up as an OPT WAN interface and policy >> route traffic. I know there are others doing so. > > Seem like this might solve my problem: > > 1) set up the OpenVPN tunnel on pfsense and assign the virtual network > device to an OPT WAN interface > 2) set up a proxy (socks5 or equivalent) on a local host, likely a jailed > server > 3) policy route all traffic from that jailed server out via the OPT interface > 4) configure any local clients to use that socks5 server when desired > > Is there some more optimal setup? Can I detect the packets are coming > from the socks5 server some other way for the policy routing rule and > avoid having to set up another jail to hold it? >
That sounds reasonable to me. There are many ways you can do it. You can avoid a jail if you just want to route all HTTP from that host out the VPN. --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org