Netgate Discussion Forum

    OpenVPN - NAT - DMZ

    newnet82

      Hi,

      In my network, I have a DMZ (172.16.0.0/24), a LAN (192.168.1.0/24) and a WAN (W.X.Y.Z/24).

      In the DMZ I have an SMTP server, so I added a port forward rule for port 25 and a firewall rule in order to permit sending my mail. Hopefully, I receive and send mails.

      I followed the howto http://forum.pfsense.org/index.php?topic=28969.0 in order to create a tunnel between vpntunnel.se (or similar) and my LAN. It's running fine.

      I always receive my emails.

      But I cannot send email, because pfSense wants to pass them via the VPN and not via the WAN interface (I always receive them).

      So I tried to add a "Firewall: NAT: Outbound" rule for the port 25 in DMZ. It's not ok.

      Can you help me, please?

      Bruno

      heper

        Is your OpenVPN your default gateway?
        Even if it is, you should be able to add a firewall rule on the correct interface (NOT NAT) to specify the desired gateway for whatever port/protocol you want.

        So for example:
        add a firewall rule on the DMZ tab, PASS, tcp, source: dmz-subnet, destination: any, destination port: 25, gateway: WANGW

      newnet82

          Hi Heper,

          You have found my error! I forgot to change the gateway in the firewall rule.

          Thx
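
The fix discussed in this thread, as an added example that is not part of the original posts and is not pfSense code: a simplified first-match model of firewall rules with an optional per-rule gateway, showing SMTP from the DMZ leaving via the VPN before the change and via WANGW after it, plus the rule-ordering pitfall. It assumes the OpenVPN client is the default route; `VPN_GW`, the mail server address and all function and class names are hypothetical.

```python
# Simplified model of first-match rule evaluation with an optional per-rule
# gateway (policy routing). Names and addresses are constructed for illustration.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

DEFAULT_GW = "VPN_GW"   # assumption: the OpenVPN client is the default route

@dataclass
class Rule:
    iface: str
    proto: str
    src: str                       # source network in CIDR form
    dport: Optional[int] = None    # None matches any destination port
    gateway: Optional[str] = None  # None means "follow the routing table"

def egress_gateway(rules, iface, proto, src_ip, dport):
    """Return the gateway used by the first matching pass rule, or None if blocked."""
    for r in rules:
        if (r.iface == iface and r.proto == proto
                and ip_address(src_ip) in ip_network(r.src)
                and r.dport in (None, dport)):
            return r.gateway or DEFAULT_GW
    return None  # no pass rule matched: implicit default deny

DMZ_NET = "172.16.0.0/24"      # DMZ subnet from the first post
MAIL_SERVER = "172.16.0.10"    # constructed address for the SMTP server

# Before: the SMTP pass rule has no gateway, so mail follows the default route.
before = [Rule("DMZ", "tcp", DMZ_NET, dport=25)]
# After: same rule with gateway set to WANGW, as suggested in the reply.
after = [Rule("DMZ", "tcp", DMZ_NET, dport=25, gateway="WANGW"),
         Rule("DMZ", "tcp", DMZ_NET)]
# Ordering pitfall: a broader rule placed first matches before the SMTP rule.
misordered = list(reversed(after))

if __name__ == "__main__":
    for name, rs in (("before", before), ("after", after), ("misordered", misordered)):
        print(name, egress_gateway(rs, "DMZ", "tcp", MAIL_SERVER, 25))
```

The `misordered` case shows why the rule carrying the gateway has to sit above any broader pass rule on the DMZ tab: the first matching rule decides the gateway.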

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.