Public-IPs over OpenVPN



  • Hi Guys,

    I have a pfSense firewall in a datacenter. I got a /29 network provided by the datacenter and want to use these IPs at another site.

    In the datacenter there is a route for the /29 net, which points to the WAN IP of pfSense.
    I created an OpenVPN server using the /29 as Tunnel Network, Topology Subnet and Server mode Remote Access.
    On the pfSense outside the datacenter I configured the OpenVPN client and it successfully got an IP address from the /29 address space.
    I did create an Outbound NAT rule on the OpenVPN-client pfSense: NAT all traffic for the OpenVPN interface with the OpenVPN interface address.
    If I now create an advanced firewall rule and set the OpenVPN tunnel as gateway, I can surf the web with the IP from the /29 net.

    But how can I get inbound connections in order to use servers outside the datacenter, but with the datacenter's IP?

    I tried to create a 1:1 NAT rule as I do when I would like to map a WAN IP to an RFC 1918 IP from the LAN. But in this case, I cannot reach any service on the IP from the /29 net, which is routed through the VPN tunnel.

    I added several allow-all firewall rules, but it doesn't work. It seems that this issue is related to NAT, rather than firewall rules.

    Does anybody know what the problem is, or another way to use a public IP at another site?

    Thanks for reading!

    Best regards
    Chris

