[SOLVED?] Need help for OpenVPN with NAT (Port Forward, 1:1 and AON)
My config with pfSense 1.2.3-RELEASE:
              |  16 IP = 80.xx.xx.1 - 80.xx.xx.4 (sample)
              |
         192.168.0.1 (virtual IP)
  192.168.0.2 |          | 192.168.0.3
         +--------+  +--------+
         |  Main  |  | Backup |   NAT (Port Forward, 1:1 and AON)
         |        |  |        |   OPENVPN
         +--------+  +--------+
     10.0.0.2 |          | 10.0.0.3
         10.0.0.1 (virtual IP)
NAT rules:
80.xx.xx.1:5001 <=> 10.0.3.1:5000
80.xx.xx.1:5002 <=> 10.0.3.2:5000
80.xx.xx.1:5003 <=> 10.0.3.3:5000
80.xx.xx.2 <=> 10.xx.xx.2
80.xx.xx.3 <=> 10.xx.xx.3
80.xx.xx.4 <=> 10.0.2.XX (80.xx.xx.4 is the output for all 10.0.2.x workstations)
If I put an OpenVPN client between the router and pfSense, I can connect to 192.168.0.1.
If I try to connect to OpenVPN from the web, using 80.xx.xx.x, I can see packets arrive at pfSense but nothing more…
I tried many things, like creating an OpenVPN interface, etc. Nothing works.
Could you help me?
I was not sure my question was very clear, so I will try to reformulate it:
If my OpenVPN client is on the 192.168.0.* network, for example 192.168.0.50, I can connect to my OpenVPN server by using the 192.168.0.2 address.
When my OpenVPN client is on the Internet (for example 111.222.xx.xx), obviously I cannot use the 192.168.0.2 address because it belongs to a private network. So I choose one of my 80.x.x.x addresses, for example 80.xx.xx.3, which is NATed to 10.xx.xx.3, but then the connection fails.
Which address should I use?
Can I use any address in my range (84.xx.xx.1-84.xx.xx.4)?
Do I have to reserve an address for the OpenVPN server? How?
Do I have to add a special configuration (adding an interface, for example)?
Thanks in advance
I found a solution to correct my problem, but it is a bit strange!
To connect to OpenVPN using the address 80.xx.xx.3, I have added a port forward NAT:
80.xx.xx.3:1194 -> 127.0.0.1:1194
What do you think about this solution?
Could security problems happen?
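
The behaviour described in the last post, as an added example that is not part of the original thread: a simplified Python model of inbound NAT resolution in which a port forward is matched before a 1:1 mapping, which is the order pf uses for inbound translation. The 203.0.113.x and 10.0.9.x addresses stand in for the masked ones, and the function names are constructed for illustration.

```python
from ipaddress import ip_address

# Constructed sample rules; 203.0.113.x replaces the masked public range.
# Port forwards: (public_ip, proto, port) -> (target_ip, target_port)
PORT_FORWARDS = {
    ("203.0.113.1", "tcp", 5001): ("10.0.3.1", 5000),
    ("203.0.113.3", "udp", 1194): ("127.0.0.1", 1194),  # the fix from the thread
}
# 1:1 NAT: public_ip -> internal_ip (every port is translated)
ONE_TO_ONE = {"203.0.113.2": "10.0.9.2", "203.0.113.3": "10.0.9.3"}


def resolve_inbound(dst_ip, proto, port,
                    port_forwards=PORT_FORWARDS, one_to_one=ONE_TO_ONE):
    """Return (rule_type, target_ip, target_port) for an inbound packet.

    Simplified model: a matching port forward wins, otherwise a 1:1
    mapping rewrites the address, otherwise nothing is translated.
    """
    hit = port_forwards.get((dst_ip, proto, port))
    if hit is not None:
        return ("port-forward", hit[0], hit[1])
    if dst_ip in one_to_one:
        return ("1:1", one_to_one[dst_ip], port)
    return ("none", dst_ip, port)


def loopback_exposures(port_forwards=PORT_FORWARDS):
    """List forwards that publish a service running on the firewall itself."""
    return sorted(
        (pub_ip, proto, port, target_port)
        for (pub_ip, proto, port), (target_ip, target_port) in port_forwards.items()
        if ip_address(target_ip).is_loopback
    )


if __name__ == "__main__":
    # Without the forward, UDP 1194 follows the 1:1 mapping to the inside
    # host, where no OpenVPN server is listening.
    print(resolve_inbound("203.0.113.3", "udp", 1194, port_forwards={}))
    # With the forward, the same packet reaches the firewall's own daemon.
    print(resolve_inbound("203.0.113.3", "udp", 1194))
    # Every other port on that address still goes to the inside host.
    print(resolve_inbound("203.0.113.3", "tcp", 22))
    print(loopback_exposures())
```

The second function lists every forward that terminates on the firewall itself, which is the set of services to review when judging the exposure of such a rule.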