How to pass traffic between LAN & VPN connection



  • LAN
    IP cam ip: 192.168.0.10

    VPN
    phone vip: 10.0.8.2

    I created LAN rules:
    Pass IPv4(/udp) from 192.168.0.10:* to 203.185.0.37:123 (so the IP cam can connect to the Microsoft NTP server)
    Pass IPv4(tcp/udp) from 192.168.0.10:* to LAN net:* (so the iPhone cam app can connect to the IP cam over local Wi-Fi)
    Block IPv4* from 192.168.0.10:* to any:* (so no connection is allowed to the IP cam with 4G network)

    Now, I want the phone cam app to connect to the IP cam through OpenVPN.
    OpenVPN rule:
    Pass IPv4* from : to .
    Safari on the iPhone can access 192.168.0.10 under OpenVPN,
    but the cam app doesn't work.

    I tried to add a LAN rule:
    Pass IPv4* from 192.168.5.60:* to network:10.0.8.0:* (doesn't work)
    Pass IPv4* from 192.168.5.60:* to 10.0.8.2:* (doesn't work)

    Any advice?


  • Banned

    TLDR. But all you should have to do is add one rule on your OpenVPN server interface to allow your VPN server to access everything on your LAN.

    Pass IPV4 TCP/UDP $YOUR_VPN_SUBNET any $YOUR_LAN_SUBNET any

    $YOUR_VPN_SUBNET is the subnet found at VPN / OpenVPN / Servers under "Tunnel Network"

    You can replace $YOUR_LAN_SUBNET with an alias of the static IPs you want to allow access to if you'd like to limit it.

    @yashiharu:

    I tried to add a LAN rule:
    Pass IPv4* from 192.168.5.60:* to network:10.0.8.0:* (doesn't work)
    Pass IPv4* from 192.168.5.60:* to 10.0.8.2:* (doesn't work)

    I don't think you should need a LAN side rule at all unless you have a LAN rule that is explicitly blocking traffic? But you can try changing the VPN VIP to the VPN Subnet in those rules.


  • Banned

    @yashiharu:

    OpenVPN rule:
    Pass IPv4* from : to .
    Safari on the iPhone can access 192.168.0.10 under OpenVPN,
    but the cam app doesn't work.

    This sounds like you have an app issue; check the app configuration or try a different app.
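
The rule evaluation discussed in this thread, as an added example that is not part of any post: a simplified Python model of stateful, first-match, per-interface filtering using the thread's addresses. The /24 prefix lengths, the port numbers and the `Firewall` class are assumptions made for illustration, and the model ignores the protocol field.

```python
# Simplified model (not pfSense code): rules are checked on the interface a
# packet arrives on, first match wins, and a passed connection creates a
# state entry that lets its replies through without consulting rules.
from ipaddress import ip_address, ip_network

LAN_NET = ip_network("192.168.0.0/24")  # assumed prefix length
VPN_NET = ip_network("10.0.8.0/24")     # assumed prefix length
ANY = ip_network("0.0.0.0/0")
CAM, PHONE = "192.168.0.10", "10.0.8.2"
CAM_NET = ip_network(CAM + "/32")

# (action, source, destination, destination port or None for any)
RULES = {
    "LAN": [
        ("pass", CAM_NET, ip_network("203.185.0.37/32"), 123),  # NTP
        ("pass", CAM_NET, LAN_NET, None),                       # local Wi-Fi app
        ("block", CAM_NET, ANY, None),                          # everything else
    ],
    "OPENVPN": [("pass", VPN_NET, LAN_NET, None)],  # rule suggested in the reply
}

class Firewall:
    def __init__(self, rules):
        self.rules = rules
        self.states = set()

    def check(self, iface, src, sport, dst, dport):
        """Return (verdict, reason) for a packet arriving on iface."""
        if (dst, dport, src, sport) in self.states:  # reply to a passed flow
            return "pass", "state"
        for n, (action, s, d, port) in enumerate(self.rules.get(iface, []), 1):
            if ip_address(src) in s and ip_address(dst) in d and port in (None, dport):
                if action == "pass":
                    self.states.add((src, sport, dst, dport))
                return action, f"{iface} rule {n}"
        return "block", "default deny"

def demo():
    fw = Firewall(RULES)
    return [
        fw.check("OPENVPN", PHONE, 50000, CAM, 80),  # phone opens a connection (constructed ports)
        fw.check("LAN", CAM, 80, PHONE, 50000),      # camera's reply to that connection
        fw.check("LAN", CAM, 40000, PHONE, 6000),    # new connection started by the camera
    ]

if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

In this model the camera's replies to a phone-initiated connection pass on the state entry even though the third LAN rule blocks the camera, while a connection the camera itself starts toward the VPN address is stopped by that rule.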

