4. Source nat question

Source nat question

  • M

    Hello,

    I connected my pfsense box to my openvpn server, with this config I am able to browse the internet.

    I'm trying to host a server that will be routed thru the openvpn network but I'm unsure how to configure pfsense to nat it. (outside clients cannot reach my internal server thru the openvpn WAN IP)

    i'm partially following this link, tho I'm not sure how to set the 2nd in pfsense (iptables -t nat -A POSTROUTING -d y.y.y.100 -p tcp –dport 6000 -j SNAT --to-source y.y.y.1) -
    https://unix.stackexchange.com/questions/55791/port-forward-to-vpn-client

    *edit- i've configured openvpn device mode as tap

    0
  • P

    1st: are sure you will really receive incoming packets on your VPN interface? You should have real IP on your VPN interface to accomplish this.
    2nd: add incoming NAT rule for external access, check FROM SOME OTHER LOCATION and watch in States for connections to your internal server. Connection would not work now, but you should see connection attempts to your internal server.
    3rd: go to advanced outbound NAT, create a topmost rule:
    interface: OpenVPN
    source: any
    port: any
    destination: your internal server IP (type: network, your IP, network /32)
    port: specific port or any
    Translation address: Other subnet and type in your LAN address in network format with /32

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy