Openvpn SITE 2 SITE Portforwarding
-
Hello
Where can i find a complete guide on this?, they only thing i can find is a mess.
-
Why do you need port forwarding? That's normally used with NAT, which you wouldn't likely be using with a VPN.
-
Hello
What i need is example
open a port on site A thats points to a server at siteB
wan > siteA > siteB > server
-
Port forward SiteA
Openvpn interface siteA
Firewall rule siteAOpenvpn interface siteB
Firewall rule siteB
I hope it helps
-
Okay tested some more, as soon as i enable the interfaces for the wanvpn the tunnel dies cant ping across it
-
You have to bounce the OpenVPN tunnel after you assign the interface. This is said everywhere that talks about assigning interfaces to OpenVPN tunnels.
What rules are on the OpenVPN tab next to WANWPN?
I assume that is the side of the tunnel where the target server is homed and LAN there is 10.0.0.0/24?
-
Hey
there is no rules in the openvpn tab on both sites
Lan at the siteB (client) is 10.0.0.0/24 i want to open port 8006 on 10.0.0.2
Lan at siteA (server) is 10.8.10.0/24both sites got an ip in the interface tap after i restarted openvpn.
-
Then you probably need to check on the server why it is not responding. Looks like everything is in place that needs to be (assuming there really are no rules on the OpenVPN tab at Site B).
Attempt a connection then do Diagnostics > States on the Site B side and filter on 8006. What do you see?
Packet capture on Site B LAN filtering on address 10.0.0.2 and port 8006 and attempt a connection. What do you see?
What do the server logs on 10.0.0.2 say?
The LAN network at Site A is not a party to this traffic.
-
-
But i should still be able to reach site A from site B aka ping 10.8.10.1 form 10.0.0.1 right?
nevermind that works
Reply from 10.8.10.1: bytes=32 time=23ms TTL=63 Reply from 10.8.10.1: bytes=32 time=22ms TTL=63 Reply from 10.8.10.1: bytes=32 time=23ms TTL=63 Reply from 10.8.10.1: bytes=32 time=23ms TTL=63 Reply from 10.8.10.1: bytes=32 time=22ms TTL=63 Reply from 10.8.10.1: bytes=32 time=22ms TTL=63 Reply from 10.8.10.1: bytes=32 time=23ms TTL=63 Reply from 10.8.10.1: bytes=32 time=22ms TTL=63 Reply from 10.8.10.1: bytes=32 time=24ms TTL=63 Reply from 10.8.10.1: bytes=32 time=22ms TTL=63 Reply from 10.8.10.1: bytes=32 time=23ms TTL=63 Reply from 10.8.10.1: bytes=32 time=23ms TTL=63 Reply from 10.8.10.1: bytes=32 time=22ms TTL=63
-
GOT IT WORKING!!!!
before i was trying from my desktop located at 10.0.0.204 that did not work, then i took my laptop and connected to my phone hotspot and boom there was connection
lets say i setup a mail server port 25, now i know to get incoming stuff but what about outgoing via vpn?
-
You would have to policy route those connections on the local interface out the OpenVPN gateway and the other side would need to perform Outbound NAT for that traffic out its internet connection.
-
Okay
So a firewall rule on siteB?
And outbound nat siteA? -
From what i can Google
Make firewall rule with source 10.0.0.2 port 25 and under the Advance tap select the VPN GW? Right? -
Do anyone know how i should do this?
-
Hello
okay i got it working now :)