Bypassing the OpenVPN Tunnel NAT
-
Hello,
I searched the forums but did not find a direct hit for my query. When using the OpenVPN client (on a GL-iNet Travel Router), all traffic from client to server gets NAT'd to the Tunnel IP assigned by the pfSense as it traverses the tunnel. Is there a way to bypass this "NAT" so that the local network assigned to my Travel Router can route across the OpenVPN natively?
I am familiar with how to use NAT rules to bypass the Outbound NAT on the LAN, and I am familiar with using Client Specific Overrides to route the native local subnet back to the client. However, I cannot figure out how to get the local subnet to go across the tunnel natively.
Thanks
-
To project your question, you need a picture with signed networks from the server to the client + your desire is also in the picture.
-
@ironmonkey
Why do we need additional photos? To better understand you, because the question is not entirely clear and there is no initial data at all ... Pay attention: "A correctly asked question is half the answer"
-
This should depict what I am trying to accomplish. I want to natively route across an OpenVPN tunnel and preserve the local client network behind the GL-iNet. Currently all traffic gets NAT'd to the Tunnel IP assigned to the client. I wanted to know if there was any option on the pfSense to configure the desired outcome.
-
-
Hi @Stef93
Thanks for the suggestion! However, it looks like the client end of the tunnel (10.10.10.2) is NAT'ing the traffic prior to putting it in the tunnel. So by the time it reaches the pfSense OpenVPN NAT Policy it is already NAT'd. I was able to solve the issue by creating a similar NAT Bypass rule using the GL-iNet NAT interface. And that seems to be working. I appreciate your feedback!
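The setup the thread arrives at, sketched as an added configuration example (not posted by any participant and not vendor-supplied): the server learns the client LAN through `route`/`iroute`, and the OpenWrt-based travel router stops masquerading on its VPN zone. The client LAN 192.168.8.0/24, server LAN 192.168.1.0/24, zone name `ovpn` and device `tun0` are assumptions; only the tunnel address 10.10.10.2 comes from the thread.

```conf
# --- Server side: OpenVPN directives (on pfSense these are generated
# --- from the server and Client Specific Override settings) ---

# Server config: install a kernel route for the client LAN (assumed subnet)
route 192.168.8.0 255.255.255.0

# Client Specific Override for the travel router's certificate CN:
# tells OpenVPN which connected client owns that subnet
iroute 192.168.8.0 255.255.255.0

# Pushed to the client so it routes the server LAN (assumed subnet)
# through the tunnel
push "route 192.168.1.0 255.255.255.0"

# --- Client side: OpenWrt /etc/config/firewall on the travel router ---
# Zone name and device are hypothetical; check the names your firmware uses.

config zone
	option name 'ovpn'
	option device 'tun0'
	option input 'REJECT'     # tunnel peers may not reach the router itself
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '0'           # '1' rewrites LAN sources to 10.10.10.2
	option mtu_fix '1'

# LAN hosts may send traffic into the tunnel with their own addresses
config forwarding
	option src 'lan'
	option dest 'ovpn'

# Needed only if hosts behind the server must initiate to the client LAN
config forwarding
	option src 'ovpn'
	option dest 'lan'
```

With masquerading off, firewall rules on the server's OpenVPN interface see the real client LAN source addresses, so they must permit that subnet and can be scoped per host instead of to the single tunnel IP. The second forwarding block exposes the client LAN to the remote site and should be omitted or narrowed with rules when only client-initiated traffic is wanted.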