Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Forward port to computer behind Pfsense OpenVPN client.

    NAT
    2
    2
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JCFL
      last edited by

      Hello!

      I have been trying to set up a VPN tunnel to my VPN provider, and everything seem to work fine except that I can't forward any ports to my workstation.
      The problem I am trying to solve by opening a port is to get Spotify to connect to the internet. When I used a OpenVPN client on my computer, everything worked fine and I didn't have to open any ports for Spotify, or any other programme, in Pfsense.

      So I have been trying to set up a NAT port forward with "OpenVPN" as my interface and pointing it to my internal IP. Spotify uses port 4070 on 78.31.8.0/21 and 193.182.8.0/21 so I have tried to specify those IP ranges under Destination and choosing network as type.

      I have also tried to follow this guide (scroll down) but it didn't work:
      http://www.retropixels.org/blog/use-pfsense-to-selectively-route-through-a-vpn

      I have attached screenshots showing my firewall outbound NAT, NAT config and OpenVPN rule.

      What am I doing wrong? I don't use any other firewall.
      Any help would be greatly appreciated.  :)

      Thanks,
      JCFL
      ![Spotify NAT.png](/public/imported_attachments/1/Spotify NAT.png)
      ![Spotify NAT.png_thumb](/public/imported_attachments/1/Spotify NAT.png_thumb)
      ![Spotify OpenVPN.png](/public/imported_attachments/1/Spotify OpenVPN.png)
      ![Spotify OpenVPN.png_thumb](/public/imported_attachments/1/Spotify OpenVPN.png_thumb)
      ![firewall NAT.png](/public/imported_attachments/1/firewall NAT.png)
      ![firewall NAT.png_thumb](/public/imported_attachments/1/firewall NAT.png_thumb)

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        Hello!

        Your pfSense will direct the traffic to Spootify networks over VPN if it is established which will not work. You should route this traffic over your WAN gateway.

        To do so set an alias for the Spootify networks and set up a pass rule for LAN interface with this alias as destination, go down to advanced settings, click Gateway and choose your WAN gateway to be used by this rule.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.