[Solved] Connections across VPN getting NATed



  • Here is my setup:

    VPN Server                                       VPN Client
    tun0 (172.27.1.1/24) <--------------> tun0 (172.27.1.2/24)

    LAN (172.16.0.198/19)                        LAN(172.19.2.1/24)
              |
              |
              |
           Router
    int1 172.16.0.2
    int2 192.168.0.0/24

    OpenVPN client and server are connected and share subnet 172.27.1.1 for their link. All static routes are in place and all connections work fine, but if a client, 172.19.2.100, pings another client, 192.168.0.180, 192.168.0.180 sees the connection coming from 172.27.1.2. It looks like VPN connections are getting NATed in both directions.

    Is there a way to avoid this? Normally this would all be fine, but I have an NEC VoIP phone I need to connect on 172.19.2.0 to connect to our PBX on 192.168.0.0 and it is VERY pissy about NATing.

    Any advice would be wonderful. If any more information is needed, let me know.

    Thanks!



  • Did you assign the tun interface as OPT?
    Did you create any AoN rules?



  • I assigned both tun interfaces as opt, and made an any/any/all rule for both of them.

    I tried with both automatic outbound NAT and manual with no rules. Both seemed to have the same result.



  • When you set up the AON rule for the tunnel, did you specify "no NAT"?



  • Thanks folks, I got it. I feel silly for not figuring that out. Can't wait till my pfSense book gets here, hopefully that will cut down on the forum posts :)

    Thanks again.

