Not natted access to LAN network


  • Hi all, I'm trying to allow the OpenVPN users to access our LAN servers without using NAT and be able to track the real user's IP assigned by the VPN DHCP, and send traffic from our internal servers to the VPN clients.

    If I disable the Outbound NAT, I can't access anything. I have pushed the route to the LAN segment on my client.

    What am I missing? Need some help with this in pfSense, I have done it in other commercial firewalls without issues.
    Thanks!


  • Is pfSense the default gateway on the servers?


  • No, the default gateway is the VPC Internet Gateway (they are on AWS)...

    💡 Maybe I have to add the routes to the AWS LAN configuration...


  • @jere7em said in Not natted access to LAN network:

    No, the default gateway is the VPC Internet Gateway (they are on AWS)...

    That's why you need NAT.

    @jere7em said in Not natted access to LAN network:

    Maybe I have to add the routes to the AWS LAN configuration...

    Don't know the structure of the AWS network, so I cannot help.

    If it's possible, you can set up a transit network between the default gateway and pfSense. Then you only have to add a static route for the LAN to pfSense.
    Otherwise you will need a static route for the OpenVPN tunnel network on each device the VPN clients should be able to access.
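
Added example, not part of the thread: a small longest-prefix-match model of a LAN server's routing table, showing why replies to un-NATed VPN clients miss pfSense until a static route for the tunnel network exists, and which source IP the server logs in each case. All addresses (`10.0.1.10` for pfSense, `10.0.1.1` for the servers' default gateway, `10.8.0.0/24` for the tunnel network) are assumed values.

```python
import ipaddress

PFSENSE_LAN = "10.0.1.10"   # assumed pfSense LAN address
DEFAULT_GW = "10.0.1.1"     # assumed default gateway of the servers
TUNNEL_NET = "10.8.0.0/24"  # assumed OpenVPN tunnel network


def next_hop(routes, dst):
    """Longest-prefix match over (prefix, gateway) pairs.

    A gateway of None means the prefix is on-link, so the next hop
    is the destination itself.
    """
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), gw) for p, gw in routes
               if dst in ipaddress.ip_network(p)]
    if not matches:
        raise LookupError(f"no route to {dst}")
    _, gw = max(matches, key=lambda m: m[0].prefixlen)
    return str(dst) if gw is None else gw


def trace(server_routes, client_ip, outbound_nat):
    """Return (source IP the server logs, True if its reply reaches pfSense)."""
    # With outbound NAT, pfSense rewrites the source to its own LAN address.
    seen_src = PFSENSE_LAN if outbound_nat else client_ip
    return seen_src, next_hop(server_routes, seen_src) == PFSENSE_LAN


# Server routing table as described in the thread: LAN on-link, default
# route pointing at a gateway that is not pfSense.
BASE = [("10.0.1.0/24", None), ("0.0.0.0/0", DEFAULT_GW)]
# Same table plus a static route for the tunnel network via pfSense.
WITH_STATIC = BASE + [(TUNNEL_NET, PFSENSE_LAN)]

if __name__ == "__main__":
    client = "10.8.0.6"  # constructed VPN client address
    for label, routes, nat in [("NAT on", BASE, True),
                               ("NAT off", BASE, False),
                               ("NAT off + static route", WITH_STATIC, False)]:
        print(f"{label:24} -> {trace(routes, client, nat)}")
```

Only the last case gives both a working return path and the real client address in the server's logs.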