Strange Error with Virtual IP
-
I have just installed pfBlockerNG and it's working fine with one exception that seems to be related to OpenVPN. I've been in touch with BBcan177 (author of pfBlockerNG) and he suggested checking here for some help.
The error is this:
There were error(s) loading the rules: /tmp/rules.debug:94: multiple binat ip addresses - The line in question reads [94]: binat on ovpns1 from { 192.168.1.0/24 10.10.10.1/32 } to any -> 172.20.1.0 @ 2017-10-14 13:09:04
I get this error when I reload the filter and pfBlocker is installed and enabled. Uninstalling or disabling pfBlockerNG makes the error go away.
It seems like OpenVPN is associating the pfBlockerNG Virtual IP (10.10.10.1) with the OpenVPN LAN, but OpenVPN LAN is 192.168.3.0/24.
I have searched my config and prior to install of pfBlocker, there is no mention of 10.10.10.1. I only get this error when I have pfBlocker loaded and enabled.
I have discovered the attached NAT 1:1 Maping and wonder if that is causing the issue? I wonder if checking that "Do not perform binat for the specified address" would fix the error? I don't understand what that does and before I start checking boxes, I generally like to understand implications.
Thanks for the help.
-
Just to follow up, I was able to get rid of this error, but disabling the 1:1 NAT mapping.