Policy routing with NAT.



  • I am running OpenVPN and using NordVPN and it works very well.
    Working at home now, if you can believe that, and due to some performance issues I need to configure an IP address to go around the VPN.

    I am wanting traffic to or from IP 192.168.0.50 to route out the WAN port rather than through the VPN.

    I set up policy routing as configured below. I've struggled with this in the past and know that I have to configure NAT to direct inbound traffic back to IP 192.168.0.50.

    2187aaa9-6eb6-4d26-b50d-6fd969053b3c-image.png

    I have configured NAT outbound as shown here but without much success.
    c39b4510-f623-4e80-8676-5196a7d0bf94-image.png

    Am I missing something simple here? Any guidance is appreciated.
    Thanks



  • @bakerjw I would do it the other way around. Everything out to WAN, selected to VPN.



  • I want all traffic through the VPN with the exception of what I allow through to my ISP.

    Setting up 192.168.0.90 as a policy route with a NAT configured allows a computer to connect to everything that it needs.

    With a smart device...
    If I configure 192.168.0.91 as a policy route and NAT configured the same way and try to connect to VUDU, it times out.
    If I put 192.168.0.91 at the bottom of the policy route and bottom of the NAT and try to connect to VUDU, I get the good ole 1:200 error synonymous with VPN usage.

    It's like Vudu is starting up a new connection back through and it is not making it to the originating IP address. That's why I'm wondering if I did the NAT correctly.



  • OK... Got it.
    I was assigning DNS entries from my pfSense box, which was using NordVPN DNS servers.
    I plugged in my ISP DNS entries and voilà... All is good now.
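
The fix above comes down to a client's DNS resolver and its policy-routed traffic leaving by different paths. The following sketch is an added example, not part of the thread or of pfSense: it audits a rule set for that mismatch in both directions. The rule list, resolver addresses (documentation ranges) and resolver-to-path mapping are constructed assumptions; only the 192.168.0.x client addresses echo the thread.

```python
import ipaddress

# Constructed sample: ordered policy-routing rules, first match wins.
RULES = [
    ("192.168.0.90/32", "WAN"),
    ("192.168.0.91/32", "WAN"),
    ("192.168.0.0/24", "VPN"),   # everything else on the LAN uses the VPN
]

# Constructed placeholders: which path each resolver belongs to.
RESOLVER_PATH = {
    "203.0.113.53": "VPN",   # stands in for the VPN provider's DNS
    "198.51.100.53": "WAN",  # stands in for the ISP's DNS
}

# Constructed sample: DNS servers handed to each client (e.g. via DHCP).
CLIENT_DNS = {
    "192.168.0.20": ["203.0.113.53"],
    "192.168.0.21": ["198.51.100.53"],
    "192.168.0.90": ["198.51.100.53"],
    "192.168.0.91": ["203.0.113.53"],
}


def egress_for(src, rules):
    """Return the gateway of the first rule whose source network matches."""
    ip = ipaddress.ip_address(src)
    for network, gateway in rules:
        if ip in ipaddress.ip_network(network):
            return gateway
    return None


def dns_mismatches(client_dns, rules, resolver_path):
    """List (client, egress, resolver, resolver_path) where the two differ."""
    findings = []
    for client, servers in sorted(client_dns.items()):
        egress = egress_for(client, rules)
        for server in servers:
            path = resolver_path.get(server, "UNKNOWN")
            if path != egress:
                findings.append((client, egress, server, path))
    return findings


if __name__ == "__main__":
    for client, egress, server, path in dns_mismatches(CLIENT_DNS, RULES, RESOLVER_PATH):
        print(f"{client}: traffic exits via {egress} but resolver {server} is on {path}")
```

A WAN-routed client on a VPN-side resolver matches the symptom in this thread; a VPN-routed client on an ISP resolver is the reverse case, a DNS leak.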

