Netgate Discussion Forum

    Policy routing with NAT.

      bakerjw

      I am running OpenVPN and using NordVPN and it works very well.
      Working at home now if you can believe that and due to some performance issues, I need to configure an IP address to go around the VPN.

      I am wanting traffic to or from IP 192.168.0.50 to route out the WAN port rather than through the VPN.

      I set up policy routing as configured below. I've struggled with this in the past and know that I have to configure NAT to direct inbound traffic back to IP 192.168.0.50.

      [Screenshot: policy routing configuration]

      I have configured NAT outbound as shown here but without much success.
      [Screenshot: outbound NAT configuration]

      Am I missing something simple here? Any guidance is appreciated.
      Thanks

        Bob.Dig LAYER 8 @bakerjw

        @bakerjw I would do it the other way around. Everything out to WAN, selected to VPN.

          bakerjw

          I want all traffic through the VPN with the exception of what I allow through to my ISP.

          Setting up 192.168.0.90 as a policy route with a NAT configured allows a computer to connect to everything that it needs.

          With a smart device...
          If I configure 192.168.0.91 as a policy route and NAT configured the same way and try to connect to VUDU, it times out.
          If I put 192.168.0.91 at the bottom of the policy route and bottom of the NAT and try to connect to VUDU, I get the good ole 1:200 error synonymous with VPN usage.

          It's like Vudu is starting up a new connection back through and it is not making it to the originating IP address. That's why I'm wondering if I did the NAT correctly.

            bakerjw

            Ok.. Got it.
            I was assigning DNS entries from my pfSense box, which was using NordVPN DNS servers.
            I plugged in my ISP DNS entries and voilà... All is good now.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.