Netgate Discussion Forum

    VPN up - Gateway Down - VPN not routing out to internet

    • KOM

      Your settings are a bit different from what I'm used to seeing, but perhaps that's something to do with your VPN provider.

      On my client connections, I don't specify the local or remote networks. They're assigned automatically.

      Your outbound NAT rules are wrong. That rule you have highlighted should be Source 192.168.1.0/24 to JAMVPN address. You don't need the port 500 rule. Delete those two rules at the end, they're not needed.

      Lastly, you didn't show your LAN rules. You need to use LAN rules to redirect the traffic out the VPN gateway instead of default or WAN.

      • wrodriguez56

        @KOM thanks for reply!

        Updated NAT rules:
        8b178f0e-09e4-4c67-8a1a-a4ba583025ba-image.png

        These are existing LAN rules:
        3ae912cf-c6f5-447f-8809-83568fafbd2d-image.png

        Please clarify what needs to be changed here.

        • KOM

          Well, I think you have a typo in your JAMVPN rule. Your local LAN is 192.168.1.0, not 192.168.0.0. Next, I wasn't clear when I said to delete the port 500 rule. I meant for the VPN connection only. You deleted the one for your local network, but it doesn't matter unless you're running IPSEC VPN.

          For your LAN rules, unless you're using IPv6 on your network you can delete the last rule.

          Lastly, edit the IPv4 Default allow LAN to any rule. Click Advanced Options. Scroll down near the bottom to the Gateway field and select JAMVPN. Apply it and now all traffic should go through the gateway. You can further craft your rules to allow only select clients through, or only select ports for running torrents for example.

          Here is an example of my outbound rules.

          Screenshot from 2019-08-09 22-37-57.png

          And my LAN rules.

          Screenshot from 2019-08-09 22-39-46.png

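Added example (not part of the thread and not pfSense code): a small Python check for the two conditions KOM's post describes, an outbound NAT rule on the VPN interface whose source covers the real LAN subnet, and a LAN pass rule whose gateway is the VPN. The rule dictionaries are a constructed, simplified representation rather than pfSense's own configuration format, and only IPv4 rules are assumed.

```python
import ipaddress

def check_vpn_egress(lan_net, vpn_name, nat_rules, lan_rules):
    """Return findings explaining why LAN traffic would not leave via the VPN."""
    lan = ipaddress.ip_network(lan_net)
    findings = []

    # 1. Outbound NAT: a rule on the VPN interface must cover the real LAN subnet.
    sources = [r["source"] for r in nat_rules if r["interface"] == vpn_name]
    if not any(lan.subnet_of(ipaddress.ip_network(s)) for s in sources):
        findings.append(
            f"outbound NAT on {vpn_name} does not cover {lan} "
            f"(sources seen: {', '.join(sources) or 'none'})"
        )

    # 2. Policy routing: LAN rules are first-match, so the first pass rule that
    #    matches the LAN subnet decides which gateway the traffic uses.
    for rule in lan_rules:
        if rule["action"] == "pass" and lan.subnet_of(ipaddress.ip_network(rule["source"])):
            if rule.get("gateway") != vpn_name:
                findings.append(
                    f"first matching LAN rule uses gateway "
                    f"{rule.get('gateway') or 'default'}, not {vpn_name}"
                )
            break
    else:
        findings.append(f"no LAN pass rule matches {lan}")
    return findings

# Constructed sample data: simplified dicts, not pfSense's config.xml schema.
BROKEN_NAT = [{"interface": "JAMVPN", "source": "192.168.0.0/24"}]  # typo from the thread
BROKEN_LAN = [{"action": "pass", "source": "192.168.1.0/24", "gateway": None}]
FIXED_NAT = [{"interface": "JAMVPN", "source": "192.168.1.0/24"}]
FIXED_LAN = [{"action": "pass", "source": "192.168.1.0/24", "gateway": "JAMVPN"}]

if __name__ == "__main__":
    for label, nat, lan in (("before", BROKEN_NAT, BROKEN_LAN), ("after", FIXED_NAT, FIXED_LAN)):
        for finding in check_vpn_egress("192.168.1.0/24", "JAMVPN", nat, lan) or ["ok"]:
            print(f"{label}: {finding}")
```
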
          • wrodriguez56 @KOM

            @KOM

            Made correction to typo:
            9843656f-c323-4365-b306-e2a444cdeb2a-image.png

            Also modified the LAN rules:
            386e3961-7fad-463f-86ed-8e2c61084c8d-image.png

            It is still not routing out the VPN.

            Thanks again for your time.

            • BogusException @wrodriguez56

              @wrodriguez56 do you have the same network defined for remote network and WANGW?

              10.0.0.0

              • KOM

                Good catch. I did tell him earlier that those are autogenerated so I don't think he has to specify the tunnel & remote networks at all, but I could be wrong depending on his ISP.

                • wrodriguez56 @KOM

                  Thank you @KOM , issue has been resolved. Thank you for your help.

                  • BogusException @wrodriguez56

                    @wrodriguez56 After all that, would it be OK to ask what fixed things for you?

                    • wrodriguez56 @BogusException

                      @BogusException

                      I was missing the LAN rules

                      fbe94e5d-0232-4b15-a664-8f4715e17b36-image.png

                      Once properly configured, NAT worked!!!

                      • BogusException @wrodriguez56

                        @wrodriguez56 awesome!

                        Might help someone else reading down the road. 🙂
