OpenVPN - NAT - DMZ



  • Hi,

    In my network, I have a DMZ (172.16.0.0/24), a LAN (192.168.1.0/24) and a WAN (W.X.Y.Z/24).

    In the DMZ I have an SMTP server, so I added a port forward rule for port 25 and a firewall rule in order to permit sending my mail. Hopefully, I receive and send mails.

    I followed the howto http://forum.pfsense.org/index.php?topic=28969.0 in order to create a tunnel between vpntunnel.se (or similar) and my LAN. It's running fine.

    I always receive my emails.

    But I cannot send email, because pfSense wants to pass them via the VPN and not via the WAN interface (I always receive them).

    So I tried to add a "Firewall: NAT: Outbound" rule for the port 25 in DMZ. It's not ok.

    Can you help me, please?

    Bruno



  • Is your OpenVPN your default gateway?
    Even if it is, you should be able to add a firewall rule on the correct interface (NOT NAT) to specify the desired gateway for whatever port/protocol you want.

    So for example:
    Add a firewall rule on the DMZ tab, PASS, tcp, source: dmz-subnet, destination: any, destination port: 25, gateway: WANGW



  • Hi Heper,

    You have found my error! I forgot to change the gateway in the firewall rule.

    Thx

