Assign vip to pfsense wan interface…
-
Here's why I ask - I have an AT&T adsl connection with multiple static ip's. AT&T provisions me a /29 network, which I have entered all addresses into the vip tab. I use nat with my vip and forward to respective servers, etc. All that is and has been working fine forever. The problem I have is with AT&T's method of allocating ip's - when I establish my wan connection (pppoe), the wan is assigned a dynamic address and AT&T routes my statics. I would like to assign (or whatever I need to do) one of my vips to the wan interface so that I can use pfsense's built-in vpn functions (pptp). As it is now, before I leave work, I have to check and see what (dynamic) address my wan interface has so that I can vpn to it from outside. Well, I'll leave the rest to you pfsense gurus - thanks.
-
As I understand you already have VIPs on WAN. Choose one you want to use for PPTP and create two rules on WAN interface:
allow proto gre from any to this VIP
allow proto tcp port 1723 from any to this VIPProbably it will work…
-
Thank You - will tryout over the long weekend and let you know.
-
Just a thought. You could try dyndns and vpn to a domain name instead of having to look up the address.