How to NAT wan pubblic ip to OpenVPN client
I have a TUN roadwarrior configuration, server is pfsense and client is Debian.
Pfsense have two real interface:
WAN with a pubblic ip adress XXX.XXX.XXX.XXX
the only one client that i have is 192.168.77.6
On client p-t-p is 192.168.77.5
On pfsense the interface ovpns1 as inet add 192.168.77.1, to view this I used the command shell beacuse the interface is not present in GUI.
ovpns1: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500
options=80000 <linkstate>inet6 fe80::250:56ff:fe93:4bd5%ovpns1 prefixlen 64 scopeid 0x9
inet 192.168.77.1 –> 192.168.77.2 netmask 0xffffffff
nd6 options=3 <performnud,accept_rtadv>Opened by PID 13705
I don't understand what is 192.168.77.2....
I have followed several tutorials and everything is working well between ovpn client and LAN.
Now i would like to NAT pubblic ip of pfsense to ovpn client, for example: XXX.XXX.XXX.XXX:22222->192.168.77.66:8088
I add a rule in Firewall>Nat but does not work.
this is my route table:
default xxx.xxx.xxx.1 UGS 0 10519 1500 em0
xxx.xxx.xxx.0/24 link#1 U 0 25030 1500 em0
xxx.xxx.xxx.xxx link#1 UHS 0 0 16384 lo0
127.0.0.1 link#5 UH 0 169 16384 lo0
192.168.3.0/24 link#2 U 0 109 1500 em1
192.168.3.1 link#2 UHS 0 50063 16384 lo0
192.168.77.0/24 192.168.77.2 UGS 0 673 1500 ovpns1
192.168.77.1 link#9 UHS 0 0 16384 lo0
192.168.77.2 link#9 UH 0 0 1500 ovpns1
I have notice that if I ping the client from GUI (Dignostic>Ping) it not responding in both interface (LAN and WAN) but if i ping from console it's work. From a LAN machine it's work.
Last week I tried it with a vpn ipsec, and everything works fine including the nat. But ipsec is computationally too heavy for my application, so I moved to OVPN.
Have a nice evening,
well, I resolved with this post http://forum.pfsense.org/index.php?topic=35445.0
Works but but I have to assimilate the reason.