Use Public IP site A for server on site B

lio1503 · Jun 16, 2024, 9:24 PM

Hi everyone

I'm looking for a solution to use my additional public ip on site A to reach a server on site B.
Both site are connected via openvpn site to site and everything work.But when I make a NAT between the public IP on site A and server on site B it doesnt work.

Thanks in advance.

viragomann · Jun 17, 2024, 2:48 PM

@lio1503
At site B you have to assign an interface to the respective OpenVPN instance, if you haven't done this already.

Then move over the firewall rule for passing the traffic to this new interface.

Ensure that there is no pass rule on the OpenVPN tab, which matches the forwarded traffic!

lio1503 · Jun 17, 2024, 2:48 PM

@viragomann

Thanks for the reply.
I do this but its doesnt work.
You can see the config on images.

Firewall on site A

NAT
login-to-view

RULES WAN TAB
login-to-view

RULES OPENVPN TAB
login-to-view

Firewall on site B

INTERFACE OPENVPN
login-to-view

RULES OPENVPN INTERFACE TAB
login-to-view

RULES OPENVPN TAB
login-to-view

viragomann · Jun 17, 2024, 3:02 PM

@lio1503
Are you sure, that the destination server allows access from outside of it's subnet?

On pfSense you can investigate the traffic flow with Diagnostic > Packet Capture.
At site B sniff the traffic on the internal interface and check if you can see the forwarded packets and responses from the server.

lio1503 · Jun 17, 2024, 3:02 PM

@viragomann

Thanks for your help.Its work now.
In fact its was my openvpn interface that not handle ip address.