OpenVPN NAT trouble



  • So I am setting up an outgoing load balancer for my office. That is configured and working perfectly; however, setting up the VPN connection to our data center is somewhat troublesome.

    We are using OpenVPN with PKI encryption. pfSense is configured to use, and connects fine. pfSense can also ping everything inside the VPN with no trouble at all. However the computers that connect to pfSense can't. All the guides I read say to enter in the Remote Network field, however when using PKI that field disappears.

    I have tried setting up a LAN firewall rule to send traffic on the 10.0.0.0/8 to the default gateway and everything else to the load balancer. But that didn't solve anything. Not sure if that's because according to the routing table the default gateway is WAN1… I would set it to tun0 if that was an option, but I can't.

    All I need is to access the datacenter from the office; however, the datacenter doesn't need direct access to all the computers in the office. (So all I need is NAT.) But I can't figure out how to do it.

    Some info about the network: the datacenter has several subnets in it that can all route to each other, and they all reside inside the 10/8 network. pfSense is running on 192.168.27/24.

    Any help is appreciated.



  • You should have searched the forum…

    Currently there is no way of applying NAT or firewall rules to the OpenVPN traffic.  ISTR that this will change in 1.3, but you should search the forum for details.



  • @Cry:

    You should have searched the forum…

    Currently there is no way of applying NAT or firewall rules to the OpenVPN traffic.  ISTR that this will change in 1.3, but you should search the forum for details.

    I assume I can make OpenVPN run an "up" script that creates things behind the scenes to do this, though I haven't tried yet.

