Correct outbound NAT configuration



  • Hi everyone.  I need some clarification on openvpn clients and outbound NAT.

    I have 5 openvpn clients running and each client has it's own interface.  I have each of the 5 openvpn interfaces grouped into 1 single vpn gateway group.

    vpn group = vpn1, , vpn2, vpn3, vpn4, vpn5

    Questions:

    1. When I'm dealing with outbound NAT do i need to create a unique entry for each interface (vpn1, vpn2, ….) or can I just select the OPENVPN option?
    2. below table is what i have currently, would i need to create a outbound NAT rule for each interface for the ISAKMP and the WAN rule specific to the vpn or openvpn interface choice?

    Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description Actions
    WAN 127.0.0.0/8 * * 500 WAN address * Auto created rule for ISAKMP - localhost to WAN  
    WAN 127.0.0.0/8 * * * WAN address * Auto created rule - localhost to WAN  
    WAN 10.180.24.0/24 * * 500 WAN address * Auto created rule for ISAKMP - LAN to WAN  
    WAN 10.180.24.0/24 * * * WAN address * Auto created rule - LAN to WAN


Log in to reply