[SOLVED] TAP mode, no IP address for the gateway



  • Hello!

    I'm quite close to give up my VPN idea …

    What I want: Routing a dedicated traffic through a VPN tunnel in TAP mode to a private VPN provider. That's it. But I have no chance. Using the TAP mode, the gateway didn't get an IP and I cannot monitor it.
    In the firewall rule, I can select the gateway, but I see only "dynamic" as address. Looking into the routing table, the "route-to" flag for the route is missing ... Senseless to say, the forwarding isn't working.

    The crazy thing: with the same provider, using TUN as mode, the gateway gets an dynamic IP and I can select it as gateway with an IP address for the firewall rule.

    I have to use the TAP mode, because the provider provides a dynamic IP address only in this mode, in TUN mode, I get a shared IP address ...

    Below some screen shots.

    EDIT #1:
    The firewall rule looks like this (after selction of the "PRIVATEVPN - dynamic" Gatetway) - the "route-to" flag is missing:

    pass in quick on vr0 inet from 192.168.37.0/24 to any flags S/SA keep state label "USER_RULE: Default allow LAN to any rule"
    

    EDIT #2:
    Installed Version:

    2.2.4-RELEASE (i386) 
    built on Sat Jul 25 19:56:41 CDT 2015 
    FreeBSD 10.1-RELEASE-p15
    
    You are on the latest version.
    

    Thank you for your help!!!

    Thomas
    ![Gateway status.jpg](/public/imported_attachments/1/Gateway status.jpg)
    ![Gateway status.jpg_thumb](/public/imported_attachments/1/Gateway status.jpg_thumb)
    ![Interface status.jpg](/public/imported_attachments/1/Interface status.jpg)
    ![Interface status.jpg_thumb](/public/imported_attachments/1/Interface status.jpg_thumb)
    ![OpenVpn status.jpg](/public/imported_attachments/1/OpenVpn status.jpg)
    ![OpenVpn status.jpg_thumb](/public/imported_attachments/1/OpenVpn status.jpg_thumb)
    ![Gateway selection in the firewall rule.jpg](/public/imported_attachments/1/Gateway selection in the firewall rule.jpg)
    ![Gateway selection in the firewall rule.jpg_thumb](/public/imported_attachments/1/Gateway selection in the firewall rule.jpg_thumb)



  • I allow to set up the "defalut" routes by OpenVPN and polls a.e. 8.8.8.8 to check, if the tunnel is up.
    So, I don't need the gateway IP to monitor.

    Thomas