Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN settings and outbound NAT ?

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 3 Posters 621 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ?
      A Former User
      last edited by A Former User

      Hello,

      I've just watched this video https://youtu.be/ov-xddVpxhc?t=5m2s and was wondering what part of the OpenVPN settings stops LAN to WAN traffic, until a outbound NAT has been added ? Oh I forgot to add, it's from 5:00 I'm wondering about.

      Dave.

      1 Reply Last reply Reply Quote 0
      • M
        marvosa
        last edited by

        Reserved IP addresses are not routable on the internet, so in order for your LAN devices to reach the internet, the egress traffic must be translated to a public IP, so it can be routed on the internet. Which is why the outbound NAT is necessary.

        PFsense does this for you for all physical interfaces when your outbound NAT is set to automatic. However, when you are assigning a VPN tunnel to an interface, a manual outbound NAT rule is required in order to reach the internet using that tunnel.

        1 Reply Last reply Reply Quote 1
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          Right. And usually in that case you are natting to another private address but it is something the VPN provider knows how to route to. They will NAT your traffic to a public, routeable address somewhere in their network where it transits to the public internet.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • ?
            A Former User
            last edited by

            Ok, I think I get it now, It confused me when the VPN is added it appeared to 'cutoff' the normal traffic from LAN to WAN

            Dave.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.