Netgate Discussion Forum

    Route for DNSBL VIP through site to site OpenVPN tunnel

    pfBlockerNG
    • Lanna

      Something has had me scratching my head for a couple of days, so I turn to the forum for help. I have 3 sites dial in to my main site with OpenVPN, all pfSense boxes. In order to simplify my administration load, I have all remote sites use the DNS Resolver of the main site. This works well for me and I can just keep an eye on everything in one place.

      HOWEVER, I started using pfBlocker to do DNSBL stuff. What's got me stuck is routing responses from the VIP at the main site back to clients at the remote sites. If I SSH into a client at a remote site and attempt to ping 10.10.10.1, the ping arrives at 10.10.10.1 but the response is just routed out to a WAN instead of being routed through the tunnel back to the client.

      I'm sure some jiggery pokery with the floating rule will fix this, but I haven't figured it out. Please help, this one is doing my head in.

      https://www.youtube.com/watch?v=Fc87pw1aYPg
