Routing VNC on VPN



  • Not sure if this is the right section, if not just move the topic to the correct place.

    Pre: i've got a fully working installation of pfsense with openvpn roadwarrior setup

    i'm trying to use vnc over vpn,
    so if a "sales" roadwarrior vpn client (10.8.10.x) is connected to our pfsense box and is running a "vnc-viewer-software" he can receive vnc call incoming from our "customer".

    the setup already work if the "vnc-viewer-software" run on a PC in the LAN (192.168.1.X) segment of our network (obviusly with the proper NAT & FIREWALL RULES)

    if i make a similar NAT rule on pfsense using an IP of VPN subnet (10.8.10.x) instead of LAN subnet (192.168.1.x) didn't work.

    anyone can give me any clue?
    many thanks



  • I assume your mobile warriors dont get NATed to the internet.

    http://forum.pfsense.org/index.php/topic,7001.0.html

    Per default for every local "real" interface a rule will be installed that NAT's from this interface to WAN.
    If you want to have Internet access from multiple LAN subnets (ie. you have a router behind pfSense with another subnet) enable Advanced outbound NAT and create a rule for every IP range you want to be NAT'ed.
    The same goes for OpenVPN if you want the OpenVPN subnet NAT'ed to WAN.
    You need to create a rule for every subnet you want NAT'ed.
    Alternatively you can change the source of single existing rule from LAN to "any" thus NAT'ing everything.
    (screenshots to clarify: http://forum.pfsense.org/index.php/topic,7693.0.html )
    This might create a problem for FTP with multiWAN
    more here: http://forum.pfsense.org/index.php/topic,7096.msg40810.html#msg40810

    Try this.
    I'm not sure, but i think this should help.


Log in to reply