This article assumes you already have a Remote Access OpenVPN configured in pfSense and you want it to be filtered.
For initial remote access setup please refer to the vendor documentation available here: https://www.netgate.com/docs/pfsense/vpn/openvpn/openvpn-remote-access-server.html
If using the Wizard
You want to check the box that says “Redirect Gateway”. This will allow features such as IP enforcement to work.
In the DNS Server 1 box, make sure you enter the IP address of pfSense so that DNS resolution will use the firewall. You can see what the IP is under Interfaces / LAN.
If editing an existing OpenVPN server
Check the box to enable redirect. If you have IPv6 do the same for it.
Enter your pfSense IP address(s) under DNS Server to cause all traffic to be run through the filter.