• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Force source IP address

Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
4 Posts 3 Posters 1.3k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    bcarnazzi974
    last edited by Jun 7, 2019, 12:33 PM

    Hello,

    I have a rather annoying problem: I have a pfsense installation with 2 interfaces (LAN/WAN) and a site to site OpenVPN tunnel. I need to contact an LDAP server through the OpenVPN tunnel from the host pfsense. When I ping the IP address of the LDAP server from the pfsense, the WAN IP address of the pfsense is used and the destination is never reached (traffic exits through the WAN interface). If I force the source address of the ping (option -S) with the IP address of the LAN interface, it works. Hence my question: how to set up that you must first use the IP address of the LAN interface to reach an X.X.X.X.X.X network from pfsense? NAT does not seem to work because the wrong output interface is choosed. I think something like interface priority...

    1 Reply Last reply Reply Quote 0
    • V
      viragomann
      last edited by Jun 7, 2019, 12:57 PM

      That can be done with Firewall > NAT > Outbound.
      Guess, it's still working in automatic mode. So activate the hybrid mode first.
      Then add a new rule. At interface select that one you have assigned to the site to site OpenVPN instance, or OpenVPN if you haven't.
      At destination enter the IP of the LDAP server and at translation address enter the LAN IP of pfSense.

      S 1 Reply Last reply Sep 29, 2022, 4:41 PM Reply Quote 2
      • B
        bcarnazzi974
        last edited by Jun 7, 2019, 1:14 PM

        Absolute genius :)
        It works !
        Thanks a lot

        1 Reply Last reply Reply Quote 0
        • S
          sinapseredes @viragomann
          last edited by Sep 29, 2022, 4:41 PM

          @viragomann , thanks!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            [[user:consent.lead]]
            [[user:consent.not_received]]