(SOLVED) Creating Outbound NAT from LAN (OpenVPN network) to LAN

SipriusPT

Hello,

This is a strange situation, I have at least one machine (aka NAS) where I cannot ping to it, connect it through smb and https, while I am in OpenVPN using just the IP.

If you need any extra configs just ask.

Anyone knows what can be?

Thanks!

viragomann

You may check if the pfSense is the default gateway on the NAS.

But I guess, it doesn't allow access from different networks. So check the settings and its firewall.

SipriusPT

@viragomann:

You may check if the pfSense is the default gateway on the NAS.

But I guess, it doesn't allow access from different networks. So check the settings and its firewall.

I forgot that this NAS could bring a firewall.

It is allowing all connections, there is no restriction to networks. =/

I will try to contact the support team of it, to know if is a known bug. It can be from that, it have a firmware a bit outdated.

Thanks viragomann!

viragomann

As a workaround you can try a source NAT rule for the NAS.

To do so, ensure that your outbound NAT is set to hybrid or manual rule generation.
Then add a new rule, set the interface to this one which is facing to the NAS (e.g. LAN), at source enter the vpn tunnel network, at destination enter the NAS IP, translation is to be set to "interface address".

SipriusPT

@viragomann:

As a workaround you can try a source NAT rule for the NAS.

To do so, ensure that your outbound NAT is set to hybrid or manual rule generation.
Then add a new rule, set the interface to this one which is facing to the NAS (e.g. LAN), at source enter the vpn tunnel network, at destination enter the NAS IP, translation is to be set to "interface address".

Thanks again viragomann, I was thinking in using NAT but never did a NAT from LAN to LAN.

I will let you know if I succed.

SipriusPT

viragomann, I am not being able to do that, as you said who is the way it make sense to me.

Here it goes:

0_1531410278198_transferir (1).png

viragomann

You have to select the interface which the NAS is connected to. I'm in doubt that this is a vpn interface.
Network + IP/32 is fine for a single host.

SipriusPT

@viragomann:

You have to select the interface which the NAS is connected to. I'm in doubt that this is a vpn interface.
Network + IP/32 is fine for a single host.

It was from the interface as you said, I change it to the one where NAS is connected and bang it show up eheh.

Thanks a lot one more time viragomann!

SipriusPT

I will also rename this thread to be more ease to find!

SipriusPT

Here it goes my working Outbound NAT from LAN to LAN: