[SOLVED] TAP mode, no IP address for the gateway
I'm quite close to give up my VPN idea …
What I want: Routing a dedicated traffic through a VPN tunnel in TAP mode to a private VPN provider. That's it. But I have no chance. Using the TAP mode, the gateway didn't get an IP and I cannot monitor it.
In the firewall rule, I can select the gateway, but I see only "dynamic" as address. Looking into the routing table, the "route-to" flag for the route is missing ... Senseless to say, the forwarding isn't working.
The crazy thing: with the same provider, using TUN as mode, the gateway gets an dynamic IP and I can select it as gateway with an IP address for the firewall rule.
I have to use the TAP mode, because the provider provides a dynamic IP address only in this mode, in TUN mode, I get a shared IP address ...
Below some screen shots.
The firewall rule looks like this (after selction of the "PRIVATEVPN - dynamic" Gatetway) - the "route-to" flag is missing:
pass in quick on vr0 inet from 192.168.37.0/24 to any flags S/SA keep state label "USER_RULE: Default allow LAN to any rule"
2.2.4-RELEASE (i386) built on Sat Jul 25 19:56:41 CDT 2015 FreeBSD 10.1-RELEASE-p15 You are on the latest version.
Thank you for your help!!!
![Gateway status.jpg](/public/imported_attachments/1/Gateway status.jpg)
![Gateway status.jpg_thumb](/public/imported_attachments/1/Gateway status.jpg_thumb)
![Interface status.jpg](/public/imported_attachments/1/Interface status.jpg)
![Interface status.jpg_thumb](/public/imported_attachments/1/Interface status.jpg_thumb)
![OpenVpn status.jpg](/public/imported_attachments/1/OpenVpn status.jpg)
![OpenVpn status.jpg_thumb](/public/imported_attachments/1/OpenVpn status.jpg_thumb)
![Gateway selection in the firewall rule.jpg](/public/imported_attachments/1/Gateway selection in the firewall rule.jpg)
![Gateway selection in the firewall rule.jpg_thumb](/public/imported_attachments/1/Gateway selection in the firewall rule.jpg_thumb)
I allow to set up the "defalut" routes by OpenVPN and polls a.e. 184.108.40.206 to check, if the tunnel is up.
So, I don't need the gateway IP to monitor.