4. Source nat question

Source nat question

  • M

    Hello,

    I connected my pfsense box to my openvpn server, with this config I am able to browse the internet.

    I'm trying to host a server that will be routed thru the openvpn network but I'm unsure how to configure pfsense to nat it. (outside clients cannot reach my internal server thru the openvpn WAN IP)

    i'm partially following this link, tho I'm not sure how to set the 2nd in pfsense (iptables -t nat -A POSTROUTING -d y.y.y.100 -p tcp –dport 6000 -j SNAT --to-source y.y.y.1) -
    https://unix.stackexchange.com/questions/55791/port-forward-to-vpn-client

    *edit- i've configured openvpn device mode as tap

    0
  • P

    1st: are sure you will really receive incoming packets on your VPN interface? You should have real IP on your VPN interface to accomplish this.
    2nd: add incoming NAT rule for external access, check FROM SOME OTHER LOCATION and watch in States for connections to your internal server. Connection would not work now, but you should see connection attempts to your internal server.
    3rd: go to advanced outbound NAT, create a topmost rule:
    interface: OpenVPN
    source: any
    port: any
    destination: your internal server IP (type: network, your IP, network /32)
    port: specific port or any
    Translation address: Other subnet and type in your LAN address in network format with /32

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy