CREATE RULE NAT OVER OPEN VPN CLIENT.

charneval · Jun 1, 2022, 3:42 PM

Hello everybody.
I made a client server vpn between a mikrotik routerboard (openvpn client) and a pfsense with version 2.5.2 (openvpn server).
The network is thus configured.
lan pfsense 192.168.10.50/24 (WAN: 92.245.173.69)
mikrotik routerboard 192.168.88.1 connected via openvpn to pfsense.
Photovoltaic Web Server: 192.168.88.2 (responds on port 80.

If I connect to the 192.168.10.0/24 network via openvpn client and try to reach the photovoltaic webserver, the pfsense then re-routes me correctly on 192.168.88.2:80

What I fail to realize is this.

I should do a Hybrid Outbound NAT rule generation.
(Automatic Outbound NAT + rules below))
to be able from the public ip 92.245.173.69 configured on the pfsense wan to reach the webserver 192.168.88.2 and then reach it through the vpn.

I am attaching some screenshots of the configuration.

viragomann · Jun 2, 2022, 3:04 PM

@charneval
There is the same mistake as in your other thread. You must not state a translation port in the outbound NAT rule. Leave the port field blank.

And you should state WAN address as destination in the port forwarding rule.

charneval · Jun 6, 2022, 8:00 AM

@viragomann
Thanks very much for your support.

Now I have been able to understand well how nat outbound works and how to set the rules.
The passage to the rule works perfectly through the openvpn and my problem was related to the insertion of the door in the translation part.
The pfsense forum is the place where thanks to very competent people you can find all the solutions.

THANK YOU