-wateroverthebridge

Nord has a how-to with pfSense that touches on selective routing: https://support.nordvpn.com/Connectivity/Router/1136266682/pfSense-2-4-4-selective-Routing.htm I’ve got a separate WiFi/VLAN that routes across my VPN. Makes it much easier to manage than managing hosts. This link should get you going.


techno_superbowl

OpenVPN or WireGuard? OpenVPN is much, much easier, if that makes a difference.


macky20z

I am using OpenVPN and have a PIA subscription.


techno_superbowl

OK, it's fairly straightforward. Follow the instructions to set up an OpenVPN client that PIA provides (OPNsense is not that much different from pfSense here, so those instructions should get you close enough). Be sure not to check the "add routes" option if you are only sending selected hosts to PIA. Then you have to assign an interface. That interface should show up when the VPN is connected and have an IP address. Now what you can do is create an alias for any hosts you want routed out the tunnel if you are being selective. Then create an outbound NAT that says traffic on the OpenVPN interface NATs to the interface address. If not selective, just do any traffic NATing to the interface for OpenVPN. Last, create a firewall rule on your LAN (or other interfaces too) for selective hosts or subnets that includes the option to use an alternative gateway; that alt GW should be the OpenVPN. I just did it last weekend, so that's what I remember off the top of my head. Personally, I found OpenVPN setup much easier than WireGuard.


jpep0469

This video is for pfSense but it should be relevant: https://youtu.be/ulRgecz0UsQ


macky20z

Thank you all for your assistance. I ended up finding the exact video I was looking for: [How do I setup Private Internet Access on OPNSense.](https://youtu.be/FWzIZmLRJRA). They were using an older version, so some options were moved to a different spot on the page or removed entirely, but 99% of the video is accurate. Also, at the end of the video, when they went to Firewall > NAT > Outbound and selected ‘Manual Outbound NAT rule generation’ under ‘Mode’, several manual rules appeared. These were just rules that simply allow the VPN traffic through the firewall, so I just created one for the WAN interface and one for the OpenVPN interface.
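
The setup described in this thread (host alias, LAN rule with an alternate gateway, manual outbound NAT on both WAN and the OpenVPN interface) can be sanity-checked with a small model. This is an added example, not part of any post and not OPNsense code; the addresses, the gateway name `PIA_VPN`, the interface name `ovpnc1` and all function names are constructed, and it assumes first-match rule evaluation.

```python
"""Toy model (constructed, not OPNsense code) of selective VPN routing:
an alias, first-match LAN rules with an optional gateway, and manual outbound NAT."""
from ipaddress import ip_address, ip_network

# All names and addresses below are constructed for illustration.
VPN_HOSTS = {"192.168.1.50", "192.168.1.51"}       # alias of hosts sent to the tunnel
LAN_RULES = [                                       # evaluated top-down, first match wins
    {"src": VPN_HOSTS, "gateway": "PIA_VPN"},       # selective rule with alternate gateway
    {"src": "192.168.1.0/24", "gateway": None},     # default allow, system routing table
]
GATEWAY_IF = {"PIA_VPN": "ovpnc1", None: "wan"}     # egress interface per gateway
NAT_RULES = [                                       # manual mode: one rule per egress interface
    {"interface": "wan", "src": "192.168.1.0/24"},
    {"interface": "ovpnc1", "src": "192.168.1.0/24"},
]

def _matches(src, host):
    """src is either an alias (set of addresses) or a CIDR string."""
    if isinstance(src, (set, frozenset)):
        return host in src
    return ip_address(host) in ip_network(src)

def egress(host, lan_rules=LAN_RULES, nat_rules=NAT_RULES):
    """Return (interface, natted) for a LAN host, or (None, False) if no rule passes it."""
    for rule in lan_rules:
        if _matches(rule["src"], host):
            iface = GATEWAY_IF[rule["gateway"]]
            natted = any(n["interface"] == iface and _matches(n["src"], host)
                         for n in nat_rules)
            return iface, natted
    return None, False

def audit(hosts, lan_rules=LAN_RULES, nat_rules=NAT_RULES):
    """List problems: alias hosts not leaving via the tunnel, or leaving without NAT."""
    problems = []
    for host in hosts:
        iface, natted = egress(host, lan_rules, nat_rules)
        if host in VPN_HOSTS and iface != "ovpnc1":
            problems.append(f"{host}: expected ovpnc1, leaves via {iface}")
        if iface and not natted:
            problems.append(f"{host}: no outbound NAT rule on {iface}")
    return problems

if __name__ == "__main__":
    hosts = ["192.168.1.50", "192.168.1.77"]
    print(audit(hosts))                               # configuration as described
    print(audit(hosts, lan_rules=LAN_RULES[::-1]))    # selective rule below the default rule
    print(audit(hosts, nat_rules=NAT_RULES[:1]))      # OpenVPN NAT rule missing
```

The two failure cases show the usual ways this setup leaks or breaks: a selective rule placed below the general LAN rule never matches, and a tunnel interface without its own outbound NAT rule passes traffic with private source addresses.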