Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Portforword through a VPN client

    Scheduled Pinned Locked Moved OpenVPN
    4 Posts 2 Posters 66 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • U Offline
      Udbytossen
      last edited by

      Svar: Portforword through a VPN client
      Hi Again - sorry for the late answer, but had some other more important things to handle.
      I having my VPN through Torguard - and have created the portforward in torguard to allow the port 19999 beeing forwarded to a local server in the subnet 172.16.40.1/24

      I have an OpenVPN client connected on my PFsense+ - where I dedicated a subnet to use this OpenVPN client -- 172.16.40.1/24
      All my clients are running fine outgoing traffic - which its mainly used for - all outgoing traffic works as intended..
      But I would like to get access to an HTTP server - through the public IP provided by the OpenVPN Client, and then connect to the port 80 on the local server located in the Provided subnet

      Lets say I'm getting the public IP 22.22.22.22 when connecting the OpenVPN Client on my PFsense.
      Then my goal is forwarding the port 19999 to port 80 (test setup)
      So the goal is the when accessing the address http://22.22.22.22:19999 - it'll forward the request to 172.16.40.5:80
      BUT - I can not make this work - for some reasons - and thinking this can not be that big an issue - but it is.

      I've tried to NAT the port directly:
      Nat_on_interface.png
      So the rule looks like this
      NAT-Portforward.png
      Edit the newly created Rule on torguard interface
      NAT_Firewall_rules.png
      Changed the Gateway under advanced setting for the Rules
      Nat_Advanced_Gateway.png
      So the RUle under the Torguard Interface looks like this
      Torguard_subnet_rules.png
      But as the picture shows - I'm just not getting any trafic through this nat - trying the address: http://22.22.22.22:19999 is just not reachable, and the rule does not show any traffic.

      I've tried creating the rules without NAT, creating it in firewall rules only the same issue remains. I can not get trough on the port - and still not seeing any traffic goes through - neither way. This is the setup - only with a rule created for the interface torguard.
      Firewall rule only.png

      So what am I missing - or do I misunderstand it all - I've done it before several years ago but can not remember other than I did it in firewall rules. But I can not figure this out, and a simple task - that I have no issues with - as Normal NAT - but this behind and openVPN Client really make me confused.

      Thanks in Advance.
      U

      V 1 Reply Last reply Reply Quote 0
      • V Offline
        viragomann @Udbytossen
        last edited by

        @Udbytossen said in Portforword through a VPN client:

        Lets say I'm getting the public IP 22.22.22.22 when connecting the OpenVPN Client on my PFsense.

        I'm in doubt, that your VPN client gets a public IP.
        You might rather mean, if you access the internet through the VPN, the traffic is coming from a public IP. But there is pretty a difference.

        Then my goal is forwarding the port 19999 to port 80 (test setup)

        Assuming your VPN client gets a private IP, this requires, that the VPN provider forwards the traffic to it. Is this even given?
        If so, your rule should show hits if you try to access it from outside.

        @Udbytossen said in Portforword through a VPN client:

        Edit the newly created Rule on torguard interface

        This screenshot show that the rule is on the WAN interface, which would be wrong.

        @Udbytossen said in Portforword through a VPN client:

        Changed the Gateway under advanced setting for the Rules

        This is nonsense. The Torguard gateway is the VPN server. So why want you redirect traffic coming from the VPN server back to it?

        U 1 Reply Last reply Reply Quote 0
        • U Offline
          Udbytossen @viragomann
          last edited by Udbytossen

          @viragomann
          Well - I'm not sure that I Then described it wrigth, so I'll try answer as good as I can.
          I Have created a subnet on my router, as 172.16.40.0/27 - and installed an VPN client - and set it up so all in this subnet are routet through the VPN-klient - I have a dedicated IP 22.22.22.22, where I can forward port from the Dedicated IP in their admin Interface

          @viragomann said in Portforword through a VPN client:

          Assuming your VPN client gets a private IP, this requires, that the VPN provider forwards the traffic to it. Is this even given?

          That are given - so to speak - I Can forward port int the provider Interface - where I created a rule for port TCP:19999 - and the provider says they are effective.
          torguard settings1.png

          Allthough I can see traffic are beeing drop by the firewall - but can not see the traffic comes through
          BLocked traffic.png

          The correct screenshot of the firewall rulesa. Under Advanced is the gateway also set to torguard - so the right screenshot of the created NAT andautomatically created firewall rule, is these 20
          Torguard NAT settings.png
          Torguard  firewall RUles(created by nat).png

          And under the firewall rule advanced setting I'm changing the gateway to Torguard instead of default
          Advanced Settings firewall rules.png

          Hopefully that'll explain it a meaning that its understandable.

          Thanks in Advance
          U

          V 1 Reply Last reply Reply Quote 0
          • V Offline
            viragomann @Udbytossen
            last edited by

            Well, if this is correct as far, you should be close to get it working.

            @Udbytossen said in Portforword through a VPN client:

            And under the firewall rule advanced setting I'm changing the gateway to Torguard instead of default

            But already mentioned, that this makes no sense at all. So edit the rule and set the gateway to default.

            Then go to the OpenVPN rule tab and remove or disable each pass rule.
            Done.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.