NAT 1:1, openVPN client <–> VLAN ?



  • Hi.

    First off, I've only got some basic knowledge of routing etc., but I've been a happy user of pfSense for a couple of years and I'm learning as I go.

    I've had some problems that relate to my pfSense, openVPN and VoIP box. The VoIP needs to be routed through a VPN as VoIP is blocked by the ISP in this country. My VPN provider provides a public IP, not shared. Even though I've got all port forwards set up for the VoIP, it keeps disconnecting daily, so for troubleshooting I'd like to set up a NAT 1:1 for the VoIP box to see if that helps.

    My VPN provider lets me have 6 simultaneous tunnels, so my idea is to set up another VPN tunnel + isolated VLAN for the VoIP box and have that as NAT 1:1. As my VPN client receives a dynamic (public) IP, I get stuck at the virtual IP section, where one is supposed to set the virtual IP the same as the public IP. What happens when the connection is being reset and I get another IP from the VPN provider?

    So basically what I'm trying to do:
    OVPN2 (dynamic public IP) - NAT 1:1 - VLAN3
    Any chance someone can guide me in the right direction and is it even possible to do what I'm trying to do?

    Thanks!

    ---------
    Additional info if needed, the setup at the moment is:

    WAN - pfSense openVPN client - 3 LAN segments (1 physical and 2 VLAN).
    My switches support VLAN (Unifi switches and Unifi AP Pro wifi)
    LAN and VLAN1 (guest Wifi) are routed through the openVPN client and VLAN2 through WAN, all done by firewall policy routing and works like a charm!



  • No one really?