How to NAT OpenVPN clients to BINATed IPSEC tunnel?
-
I'm not sure if it's NAT related … but it's involved here for sure.
I have an IPsec tunnel where all my network is NATed under my public IP and goes to the remote network (BINAT).
I want OpenVPN clients that connect to me to also be NATed (able to reach the remote network) ... how do I do this?
-
You would need an additional Phase 2 where the OpenVPN subnet is included in the "local network" (before NAT).
-
Ok, but pfSense does not allow me a second Phase 2 with the same BINAT IP addresses for masq.
I mean it does not allow both of them to be online, as in the screenshot:
How do I include OpenVPN in the local network?
Or do you mean - set up the OpenVPN clients with a LAN address?
-
So far - I've just made OpenVPN a neighbor of the LAN (LAN - 30.0/24, OpenVPN 31.0/24), and for BINAT I used the 30.0/23 mask - so it's working.
But I'm not sure if this is the right solution =)
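
The last post widens the Phase 2 local network to one /23 that covers both the LAN and the OpenVPN subnet. The following added example (not from the thread or from pfSense) computes the smallest single network covering a set of subnets and lists any ranges that end up in the tunnel selector without belonging to either subnet; the `192.168.` prefix is an assumption, since the thread gives only `30.0/24` and `31.0/24`.

```python
import ipaddress


def covering_supernet(subnets):
    """Smallest single network that contains every subnet in the list."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    first = min(n.network_address for n in nets)
    last = max(n.broadcast_address for n in nets)
    shortest = min(n.prefixlen for n in nets)
    cover = ipaddress.ip_network(f"{first}/{shortest}", strict=False)
    # Widen one bit at a time until both ends of the range fit.
    while not (cover.network_address <= first and last <= cover.broadcast_address):
        cover = cover.supernet()
    return cover


def unintended_ranges(subnets):
    """Return (cover, extra): extra = parts of cover outside every subnet."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    cover = covering_supernet(subnets)
    remaining = [cover]
    for n in nets:
        kept = []
        for r in remaining:
            if r.subnet_of(n):            # r fully belongs to an intended subnet
                continue
            if n.subnet_of(r):            # carve the intended subnet out of r
                kept.extend(r.address_exclude(n))
            else:                         # disjoint, keep as is
                kept.append(r)
        remaining = kept
    return cover, sorted(ipaddress.collapse_addresses(remaining))


if __name__ == "__main__":
    # Constructed inputs: the thread's adjacent pair, then a misaligned pair.
    for pair in (["192.168.30.0/24", "192.168.31.0/24"],
                 ["192.168.31.0/24", "192.168.32.0/24"]):
        cover, extra = unintended_ranges(pair)
        exposed = sum(n.num_addresses for n in extra)
        print(pair, "->", cover, "| addresses outside both subnets:", exposed)
```

The 30/31 pair collapses cleanly because 30 is even, so the /23 boundary falls exactly between the two subnets; a pair that is adjacent but not aligned needs a much wider selector and pulls unrelated address space into the tunnel.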