4. NAT for OpenVPN

NAT for OpenVPN

  • D

    Hi,

    I have a little problem.
    I'm setting up a pfsense with a management vlan and OpenVPN to access it.

    I have it set up like this:
    LAN -> 10.0.0.1\24
    WAN -> ext ip
    MGMT -> 192.168.254.1\24
    OpenVPN -> 192.168.253.0\24

    Client connects to VPN without any problems and get an ip 192.168.253.6

    Also there is a server (192.165.254.2) and a cisco switch (192.168.254.3)

    I have correct access to the server but can't even ping the switch.
    from what I found the switch replys only to addresses on the same subnet and from the server logs I can see that the client connects with 192.168.253.6 ip.

    Is it possible to NAT all OpenVPN traffic without forcing all traffice on the client to go via VPN?

    BR Chris

    0
  • P

    I expect it would work. The NAT goes on the interface where the traffic is leaving pfSense, so put a NAT rule on LAN for traffic with a source address of 192.168.253.0/24 to NAT to LAN address. Then the traffic from OpenVPN clients to LAN should look like it comes from the pfSense LAN IP.

    0
  • D

    Thanks.

    Got this working finally.
    Made a mistake in the outbound rule and that's whats caused the problem.

    BR Chris

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy