Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    need to change ip address after openvpn

    NAT
    2
    9
    98
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wilfrid last edited by

      Hi guys,

      I have a pfSense with an openVPN server for routing to a external subnet.
      The transfer net is 192.168.88.0 , the external network is 192.168.49.0 and my lan behind the pfSense is 192.168.0.0

      Now a client from the second network (ex. 192.168.49.101) will make a envoking to 192.168.0.25;
      this client (the 192.168.0.25) allowed only client from the local addresses.
      How can I transfer my external address 192.168.49.101 to 192.168.0.101 ??

      I have try to make a NAT 1:1, but there was no result ...

      any ideas ?

      thank you

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @wilfrid last edited by

        @wilfrid
        You can do this with outbound NAT on pfSense.

        Switch to the hybrid operation mode first and save it.
        Then add a new rule:
        interface: LAN
        source: the external network
        dest: 192.168.0.25
        translation: interface address

        W 1 Reply Last reply Reply Quote 0
        • W
          wilfrid @viragomann last edited by

          @viragomann : Its dont work so, I dont need all traffic to the new address.

          I need that the client from second network ex 192.168.49.101 has for all traffic in first network the client address 192.168.0.101,
          like a local client ....

          V 1 Reply Last reply Reply Quote 0
          • V
            viragomann @wilfrid last edited by

            @wilfrid said in need to change ip address after openvpn:

            Its dont work so, I dont need all traffic to the new address.

            This does not apply to the whole traffic, it only applies to what you enter at source and destination.

            I need that the client from second network ex 192.168.49.101 has for all traffic in first network the client address 192.168.0.101,
            like a local client ....

            What is the different between interface address and any other IP in the local range for this purpose?

            If you want to access the server using 192.168.0.101 for whatever reason, add this IP to the LAN interface as "IP Alias" and then select it in the outbound NAT rule at translation address.

            W 1 Reply Last reply Reply Quote 0
            • W
              wilfrid @viragomann last edited by

              @viragomann : the reason for this NAT is there is a client that only allows access from this network.
              I have a site to site connected VPN over a tunnel network and need now that the second client get a (virtual) address from local network

              LAN2 192.168.490 /24

              PC1 192.168.49.101 <=== VPN ===>

              W 1 Reply Last reply Reply Quote 0
              • W
                wilfrid @wilfrid last edited by

                @wilfrid

                LAN 2 192.168.49.0 / 24 Tunnel 192.168.99.0/30 LAN 1 192.168.0.0 /24

                PC1 192.168.49.101 <======VPN ======> access to 192.168.0.25 as local client
                (the client address must be in 192.168.0.0/24)

                V 1 Reply Last reply Reply Quote 0
                • V
                  viragomann @wilfrid last edited by

                  @wilfrid
                  So add the outbound NAT rule as suggested above and it is done well.

                  W 1 Reply Last reply Reply Quote 0
                  • W
                    wilfrid @viragomann last edited by

                    @viragomann
                    I have do this,
                    but if I capture packets with the diagnostic tool is there only the original network address

                    W 1 Reply Last reply Reply Quote 0
                    • W
                      wilfrid @wilfrid last edited by

                      @wilfrid thank you , its work

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post

                      Products

                      • Platform Overview
                      • TNSR
                      • pfSense Plus
                      • Appliances

                      Services

                      • Training
                      • Professional Services

                      Support

                      • Subscription Plans
                      • Contact Support
                      • Product Lifecycle
                      • Documentation

                      News

                      • Media Coverage
                      • Press
                      • Events

                      Resources

                      • Blog
                      • FAQ
                      • Find a Partner
                      • Resource Library
                      • Security Information

                      Company

                      • About Us
                      • Careers
                      • Partners
                      • Contact Us
                      • Legal
                      Our Mission

                      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                      Subscribe to our Newsletter

                      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                      © 2021 Rubicon Communications, LLC | Privacy Policy