    I've just watched this video and was wondering what part of the OpenVPN settings stops LAN to WAN traffic until an outbound NAT has been added? Oh, I forgot to add, it's from 5:00 I'm wondering about.


  • Reserved IP addresses are not routable on the internet, so in order for your LAN devices to reach the internet, the egress traffic must be translated to a public IP, so it can be routed on the internet. Which is why the outbound NAT is necessary.

    pfSense does this for you for all physical interfaces when your outbound NAT is set to automatic. However, when you are assigning a VPN tunnel to an interface, a manual outbound NAT rule is required in order to reach the internet using that tunnel.

    Right. And usually in that case you are NATing to another private address, but it is something the VPN provider knows how to route to. They will NAT your traffic to a public, routable address somewhere in their network where it transits to the public internet.

  • OK, I think I get it now. It confused me that when the VPN is added it appeared to 'cut off' the normal traffic from LAN to WAN.


