Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to NAT wan pubblic ip to OpenVPN client

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 1 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      diotta
      last edited by

      Hello everybody,
      I have a TUN roadwarrior configuration, server is pfsense and client is Debian.
      Pfsense have two real interface:
      LAN 192.168.3.0/24
      WAN with a pubblic ip adress XXX.XXX.XXX.XXX
      Ovpn 192.168.77.0/24
      the only one client that i have is 192.168.77.6
      On client p-t-p is 192.168.77.5

      On pfsense the interface ovpns1 as inet add 192.168.77.1, to view this I used the command shell beacuse the interface is not present in GUI.

      ovpns1: flags=8051 <up,pointopoint,running,multicast>metric 0 mtu 1500
      options=80000 <linkstate>inet6 fe80::250:56ff:fe93:4bd5%ovpns1 prefixlen 64 scopeid 0x9
      inet 192.168.77.1 –> 192.168.77.2 netmask 0xffffffff
      nd6 options=3 <performnud,accept_rtadv>Opened by PID 13705

      I don't understand what is 192.168.77.2....

      I have followed several tutorials and everything is working well between ovpn client and LAN.
      Now i would like to NAT pubblic ip of pfsense to ovpn client, for example: XXX.XXX.XXX.XXX:22222->192.168.77.66:8088

      I add a rule in Firewall>Nat but does not work.

      this is my route table:

      default xxx.xxx.xxx.1 UGS 0 10519 1500 em0
      xxx.xxx.xxx.0/24 link#1 U 0 25030 1500 em0
      xxx.xxx.xxx.xxx link#1 UHS 0 0 16384 lo0
      127.0.0.1 link#5 UH 0 169 16384 lo0
      192.168.3.0/24 link#2 U 0 109 1500 em1
      192.168.3.1 link#2 UHS 0 50063 16384 lo0
      192.168.77.0/24 192.168.77.2 UGS 0 673 1500 ovpns1
      192.168.77.1 link#9 UHS 0 0 16384 lo0
      192.168.77.2 link#9 UH 0 0 1500 ovpns1

      Any ideas?

      I have notice that if I ping the client from GUI (Dignostic>Ping) it not responding in both interface (LAN and WAN) but if i ping from console it's work. From a LAN machine it's work.

      Last week I tried it with a vpn ipsec, and everything works fine including the nat. But ipsec is computationally too heavy for my application, so I moved to OVPN.

      Have a nice evening,
      Diotta</performnud,accept_rtadv></linkstate></up,pointopoint,running,multicast>

      1 Reply Last reply Reply Quote 0
      • D
        diotta
        last edited by

        well, I resolved with this post http://forum.pfsense.org/index.php?topic=35445.0

        Works but but I have to assimilate the reason.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.