1. Home
  2. Off-Topic & Non-Support Discussion
  3. Force source IP address

Force source IP address

  • B

    Hello,

    I have a rather annoying problem: I have a pfsense installation with 2 interfaces (LAN/WAN) and a site to site OpenVPN tunnel. I need to contact an LDAP server through the OpenVPN tunnel from the host pfsense. When I ping the IP address of the LDAP server from the pfsense, the WAN IP address of the pfsense is used and the destination is never reached (traffic exits through the WAN interface). If I force the source address of the ping (option -S) with the IP address of the LAN interface, it works. Hence my question: how to set up that you must first use the IP address of the LAN interface to reach an X.X.X.X.X.X network from pfsense? NAT does not seem to work because the wrong output interface is choosed. I think something like interface priority...

    0
  • V

    That can be done with Firewall > NAT > Outbound.
    Guess, it's still working in automatic mode. So activate the hybrid mode first.
    Then add a new rule. At interface select that one you have assigned to the site to site OpenVPN instance, or OpenVPN if you haven't.
    At destination enter the IP of the LDAP server and at translation address enter the LAN IP of pfSense.

    1
  • B

    Absolute genius :)
    It works !
    Thanks a lot

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy