NAT for OpenVPN

  • Hi,

    I have a little problem.
    I'm setting up a pfSense with a management VLAN and OpenVPN to access it.

    I have it set up like this:
    LAN ->\24
    WAN -> ext ip
    MGMT ->\24
    OpenVPN ->\24

    Client connects to VPN without any problems and gets an IP

    Also there is a server ( and a Cisco switch (

    I have correct access to the server but can't even ping the switch.
    From what I found, the switch replies only to addresses on the same subnet, and from the server logs I can see that the client connects with ip.

    Is it possible to NAT all OpenVPN traffic without forcing all traffic on the client to go via VPN?

    BR Chris

  • I expect it would work. The NAT goes on the interface where the traffic is leaving pfSense, so put a NAT rule on LAN for traffic with a source address of to NAT to LAN address. Then the traffic from OpenVPN clients to LAN should look like it comes from the pfSense LAN IP.

  • Thanks.

    Got this working finally.
    Made a mistake in the outbound rule and that's what caused the problem.

    BR Chris
