How to NAT WAN public IP to OpenVPN client

  • Hello everybody,
    I have a TUN roadwarrior configuration; the server is pfSense and the client is Debian.
    pfSense has two real interfaces:
    WAN with a public IP address XXX.XXX.XXX.XXX
    The only client that I have is
    On client p-t-p is

    On pfSense the interface ovpns1 has inet add; to view this I used the command shell because the interface is not present in the GUI.

    ovpns1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        inet6 fe80::250:56ff:fe93:4bd5%ovpns1 prefixlen 64 scopeid 0x9
        inet --> netmask 0xffffffff
        nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
        Opened by PID 13705

    I don't understand what is

    I have followed several tutorials and everything is working well between the OpenVPN client and the LAN.
    Now I would like to NAT the public IP of pfSense to the OpenVPN client, for example: XXX.XXX.XXX.XXX:22222->

    I added a rule in Firewall > NAT but it does not work.

    This is my route table:

    default UGS 0 10519 1500 em0
    link#1 U 0 25030 1500 em0
    link#1 UHS 0 0 16384 lo0
    link#5 UH 0 169 16384 lo0
    link#2 U 0 109 1500 em1
    link#2 UHS 0 50063 16384 lo0
    UGS 0 673 1500 ovpns1
    link#9 UHS 0 0 16384 lo0
    link#9 UH 0 0 1500 ovpns1

    Any ideas?

    I have noticed that if I ping the client from the GUI (Diagnostics > Ping) it is not responding on both interfaces (LAN and WAN), but if I ping from the console it works. From a LAN machine it works.

    Last week I tried it with an IPsec VPN, and everything worked fine, including the NAT. But IPsec is computationally too heavy for my application, so I moved to OpenVPN.

    Have a nice evening,

  • Well, I resolved it with this post

    It works, but I have to assimilate the reason.
