Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to OpenVPN without NAT

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 3 Posters 3.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gkyildirim
      last edited by

      Hi,

      This is my first post. I've searched for an answer but could not figure out. So here is my question.

      I have a simple OpenVPN server which is builded by wizard. I can connect with my Viscocity client and it is working perfect.

      However I noticed a problem with NFS. I realized that wherever I go, I am connecting with Pfsense internal IP, which I suppose it is doing NAT.  As far as I see NAT has several problems with NFS (especially with Macos). There are some workarounds but all have other problems.

      So I want to get rid of NAT and be able to connect anywhere with my assigned IP.

      Is it possible?

      Thanks for helping.

      BTW I've tried tap but no success. Also I see that tap is not recommended.

      1 Reply Last reply Reply Quote 0
      • C
        chris4916
        last edited by

        @gkyildirim:

        BTW I've tried tap but no success. Also I see that tap is not recommended.

        Not that "TAP is not recommended" AFAIK but TUN is lighter therefore faster. Then in some cases, TAP is the right choice.

        Could you please elaborate on your NAT related issue with NFS and also describe with "assigned IP" you refer to in your statement?

        Jah Olela Wembo: Les mots se muent en maux quand ils indisposent, agressent ou blessent.

        1 Reply Last reply Reply Quote 0
        • V
          viragomann
          last edited by

          By default pfSense doesn't do NAT for OpenVPN tunnel. You have to add an outbound NAT rule manually if you want it. Otherwise you access your LAN hosts with your assigned IP from OpenVPN tunnel.
          So deactivate the liable outbound NAT rule.

          However, if pfSense (the VPN server) isn't the default gateway in your LAN you will have to add a route to VPN tunnel at your hosts.

          1 Reply Last reply Reply Quote 0
          • G
            gkyildirim
            last edited by

            @chris4916:

            Could you please elaborate on your NAT related issue with NFS and also describe with "assigned IP" you refer to in your statement?

            A Mac NFS client can not connect Mac NFS server through NAT even with some NFS tuning (didn't remember details right now). Even if you switch to another NFS server there are other problems. As far as I investigate NFS does not play right with NFS, it has lots of drawbacks.

            By assigned IP I mean the client IP that OpenVPN server assigns when you establish the connection.

            1 Reply Last reply Reply Quote 0
            • G
              gkyildirim
              last edited by

              @viragomann:

              By default pfSense doesn't do NAT for OpenVPN tunnel.

              I did ever played with NAT rules. It is set to Automatic.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.