1. Home
  2. pfSense® Software
  3. OpenVPN
  4. Simple OpenVPN NAT question

Simple OpenVPN NAT question

  • J

    Hi all,

    I have two OpenVPN clients VPN'd into a server at HQ:

    Site A - 172.16.20.0/24
    Site B - 172.16.30.0/24

    HQ can ping both sites and both sites can ping each other so the VPN is all good.

    However, I need to apply some outbound NAT so that HQ can reach both Site A and Site B on a new translated IP range:

    192.168.20.0/24 for Site A
    192.168.30.0/24 for Site B

    It's been a while since i've played with pfSense and I did do this successfully some time back my lab setup but can't for the life of me remember how I did it!

    Any advice would be a real help.

    James

    0
  • jimp
    Rebel Alliance Developer Netgate

    The NAT would have to be done on the client side. Put 1:1 NAT entries on the OpenVPN interface on the client routers, external subnet = your translated subnet, internal subnet = site a/b real LAN subnet

    0
  • J

    Thanks Jim, would I also need to add an iroute and 'route' for the translated subnet on the server that they are VPN'd into?

    0
  • jimp
    Rebel Alliance Developer Netgate

    Yes, you'd route to the translated subnet

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy