Portforward configuration for pfSense
-
I have a problem that I would like you to help me solve.
I'm new to using pfSense and Docker. I want to make a VPN connection, but I'm having trouble doing the correct port forwarding.
The IPs of my devices are the following:
MY COMPUTER DEVICE IP: 192.168.100.9/24.
WITHIN MY COMPUTER I AM RUNNING VIRTUALBOX
First Virtual Machine: pfSense
pfSense IP WAN 192.168.100.25/24.
pfSense IP LAN 10.0.0.1/24.
Second Virtual Machine: Kali Linux
IP 10.0.0.11/24.
Both virtual machines are running with network configuration:
As for pfSense, I have the first adapter in bridge mode to be able to receive the IP from my ISP.
The second adapter in mode: Host Only Adapter.
Inside Kali Linux Docker is running
Docker Network: 15.0.0.1/24
IP of my OPENVPN container: 15.0.0.2/24
┌──(root㉿kali)-[/home/kali]
└─# docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' openvpn-server
15.0.0.2
I already have ports from my ISP provider opened to pfSense 192.168.100.22 with UDP 1194.
I have this configuration in pfSense to do port forwarding from the WAN to the LAN.
My question is: Do I have to do the port forwarding from the WAN to the LAN or do I have to do it from the WAN to the Docker container that is running OpenVPN?
-
@kstlan02
First off, it's not wise to use public IP ranges in the local network, even for Docker. Then I'm wondering, why don't you run the OpenVPN server on pfSense?
> Do I have to do the port forwarding from the WAN to the LAN or do I have to do it from the WAN to the Docker container that is running OpenVPN?
"LAN address" is the wrong destination here for sure. This is an IP assigned to pfSense itself. Hence forwarding to it is not what you want.
The question is then, how can pfSense reach the container?
I'd expect that the container gets its traffic forwarded inside the VM, but I don't know how you configured it. So you have to forward the OpenVPN traffic either to the VM address or to the container IP. In the latter case, you would need to add a static route for it on pfSense, of course.
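
The three candidate redirect targets discussed in this thread, checked the way pfSense's routing would see them. This is an added example and not part of either post; the addresses come from the question, while `check_target`, `PFSENSE_IFACES` and the `(destination, gateway)` route tuples are hypothetical names used only for illustration.

```python
import ipaddress as ip

# pfSense interface addresses as given in the question.
PFSENSE_IFACES = {"WAN": "192.168.100.25/24", "LAN": "10.0.0.1/24"}

def check_target(target, static_routes=()):
    """Classify a NAT redirect target from pfSense's point of view.

    static_routes: iterable of (destination_cidr, gateway_ip) tuples
    (hypothetical layout). Returns (verdict, notes), verdict 'ok' or 'bad'.
    """
    addr = ip.ip_address(target)
    ifaces = {n: ip.ip_interface(c) for n, c in PFSENSE_IFACES.items()}
    notes = []
    if not addr.is_private:
        notes.append("public range used internally")
    # An address owned by the firewall delivers the traffic to pfSense itself.
    for name, iface in ifaces.items():
        if addr == iface.ip:
            return "bad", notes + [f"{name} address of pfSense itself"]
    # A host on a directly connected subnet needs no extra route.
    for name, iface in ifaces.items():
        if addr in iface.network:
            return "ok", notes + [f"directly connected via {name}"]
    # Anything else needs a static route whose gateway is an on-link host.
    for dest, gw in static_routes:
        if addr in ip.ip_network(dest):
            gw_addr = ip.ip_address(gw)
            if any(gw_addr in i.network and gw_addr != i.ip
                   for i in ifaces.values()):
                return "ok", notes + [f"static route {dest} via {gw}"]
            return "bad", notes + [f"gateway {gw} is not on-link"]
    return "bad", notes + ["no matching route on pfSense"]

if __name__ == "__main__":
    kali_route = [("15.0.0.0/24", "10.0.0.11")]  # Docker network behind the Kali VM
    for tgt, routes in [("10.0.0.1", ()), ("10.0.0.11", ()),
                        ("15.0.0.2", ()), ("15.0.0.2", kali_route)]:
        print(tgt, check_target(tgt, routes))
```

A forward to 10.0.0.11 additionally requires UDP 1194 of the container to be published on the VM, and a forward to 15.0.0.2 requires the VM to route packets into the Docker network; the script checks neither.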