Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    OpenVPN, NAT redirect WAN site how ?

    OpenVPN
    2
    2
    629
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      StefanS last edited by

      Hi all,
      ist this possible on pfsense ?

      example on linux:
      iptables -t nat -A PREROUTING -p udp –dport 53 -j REDIRECT --to-ports 1194
      iptables -t nat -A PREROUTING -p udp --dport 21 -j REDIRECT --to-ports 1194

      incoming WAN udp ports redirect to the internal openvpn Server, should this work on pfsense (with pf rules) ?

      thx for any help here.

      1 Reply Last reply Reply Quote 0
      • M
        mcdiesel last edited by

        Yes, can be done with NAT, and does work.

        Setup regular openvpn connection, in your choice of flavour.

        Additional changes…
        client - change port to alternate chosen 53, 21 etc, ie not 1194

        server - if 53, set DNS Resolver/Forwarder to not listen on WAN, by selecting only LAN, OPT, localhost etc

        server - firewall / NAT / Port forward
          interface WAN, protocol UDP, destination WAN address, destination port 53 (or 21 etc), redirect target IP x.x.x.x (WAN actual address, or an alias of it,  but not localhost), target port 1194

        vpn then connects., or at least in my lab it does. YMMV.

        Not sure how it would work with dynamic public IP on server side.

        Now you can vpn from places that block most outbound ports, but allow common ports like 53 , 80 etc, or to make it less obvious you are using vpn.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy