Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] When outbound rule is needed VS not (Route existing)

    Scheduled Pinned Locked Moved
    Routing and Multi WAN
    2
    2
    66
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Bambos
      last edited by Bambos

      Hello everyone,

      i have notice that pfsense sometimes needs added outbound rule to complete the route correctly, between VPN clients and remote access clients.

      Is there a clear distinction between when an outbound rule is needed and when not ??
      Sometimes the routing is created over the VPN Client gateway (i can see in routes) but the traffic is not routed if packets are coming from elsewhere.

      Please lights out. Thanks !

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @Bambos
        last edited by

        @Bambos
        pfSense itself never needs outbound NAT rules. It's rather the outside world, who needs it.

        The point is to enable the outside world to communicate with your local devices, which probably resides inside a private subnet.
        If the outside world has no route to your subnet pointing to your (VPN) interface IP, you need to masquerade the source IP on outgoing packets with the interface IP with an outbound NAT rule.

        If you have a site-to-site VPN the remote site has usually a route for your local subnets. So there is no rule needed then.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post