Snoopers Charter + PfSense + NordVPN Tutorial

Click the icon to Follow me:- twitterTelegramRedditDiscord

So due to the UK government being dicks and forcing all UK ISPs for store logs for 1 year of all visited websites, I decided to go ahead and start using a dedicated VPN service.

I had a look around and decided that NordVPN was going to be the best for me.

Now that was sorted, I also decided that I wanted to force all traffic over this new VPN connection, with maybe the exception of my PS4 and some other bits, who cares if the government sees me playing Battlefield 1 ?

So fire up your PfSense box and start getting setup using this guide . (THIS IS STEP 1)

Welcome back. once you have done that, you should have a working VPN connection.
Now to force all the traffic down the VPN.

I have a LAN, a DMZ and a HomeVPN (so I can remote home from work), these are my local subnets.

So go to Firewall / Aliases

2016 12 18 12 40 04 pfSense.home .gateway Firewall Aliases IP

Create the Alias

2016 12 18 12 41 44 pfSense.home .gateway Firewall Aliases Edit


Now the firewall rule on the LAN interface
2016 12 18 12 43 36 Firewall Rules Edit
Below the Description you can see above is a ADVANCED button.

You need to click on the advanced button and make sure that you choose the NordVPN gateway (i have a gateway group for failover if a VPN connection goes down)
2016 12 18 12 45 52 Firewall Rules Edit

Once this is done position this at the top of your rule set, as the firewall rules are read from top to bottom.

Now if you want to allow certain devices to NOT go via the VPN then you can do the below.
So my Selective Routing Alias allows my 4K TV and my PS4 to go via my normal WAN connection, so this goes at the top of the firewall rule set.
Then below that is my catch all Local subnet rule to force ALL other traffic over the VPN.
I have disabled all IPV6 in my systems.
2016 12 18 12 48 27 Firewall Rules LAN

Here is the proof

2016 12 18 12 55 16 Status Dashboard



Now you need to know that going via a VPN will be slower than not going via a VPN, in my case i’m loosing about 10Mbps down and 5Mbps up, but for day to day browsing this is not a problem at all.

If i want to use torrents, i can always use a certain device and make a specific rule to not go via the VPN depending on what i am downloading or like my PS4, just dont use the VPN.

Any questions please ask.


P.S Once issue i did find in my setup was, on my Windows 10 machine, if i had GlassWire installed it totally fucked anything up and kept causing connection timeouts, even when not using the firewall function. Uninstalled it and all was fine again.

Available for Amazon Prime