Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NAT through OPENVPN Tunnel

    Scheduled Pinned Locked Moved NAT
    4 Posts 4 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      paulhuynh81
      last edited by

      So  i no static ip address at my office but i do have highspeed and i want to run exchange

      So i was wondring if i can used my data center pfsense and vpn tunnel to get the static ip address from my data center for my office used

      office server=====office pfsense=====openvpnclient========datacenter pfsense=====servers
      10.1.4.x                  non static ip                                                        static ipaddress              10.1.40.xxx

      Can i do nat so

      my static ipaddress nat to my office servers

      my my outgoing from my office servers or pc would show that it come from my datacenter ipaddress

      Speed is not an issues i have fast connect on both end

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        I would prefer another solution:

        • Run the Exchange in your datacenter and access it remote (over https) or

        • Use a dynamic DNS service for the office

        So i was wondring if i can used my data center pfsense and vpn tunnel to get the static ip address from my data center for my office used

        However, in principle this would work also. I can't see a reason why it shouldn't if you care that the tunnel has static IPs and you set up appropriate rules.

        1 Reply Last reply Reply Quote 0
        • E
          esink
          last edited by

          @viragomann:

          I would prefer another solution:

          • Run the Exchange in your datacenter and access it remote (over https) or

          • Use a dynamic DNS service for the office

          So i was wondring if i can used my data center pfsense and vpn tunnel to get the static ip address from my data center for my office used

          However, in principle this would work also. I can't see a reason why it shouldn't if you care that the tunnel has static IPs and you set up appropriate rules.

          This, for sure. You certainly can NAT through OpenVPN, but in your case that would be a little hoaky. Like the quote says I would put the Exchange server at the DataCenter or use DynDNS at the office location to complete this task.

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            To get the behavior you want with OpenVPN, where reply-to sends the packets back the way they came in, you'll need to do the following (on the receiving side):

            1. Assign/enable the OpenVPN interface from Interfaces > (assign). Set it to an IP type of 'none'
            2. Restart the VPN (edit/save)
            3. Move firewall rules from the OpenVPN tab to the new interface tab. No rules on the OpenVPN tab can match the traffic.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.