Netgate Discussion Forum

    OpenVPN go out to WAN

      rolf1316

      Hi

      I'm new to this forum

      I would like to know if there is a way for VPN to exit through the WAN interface?

      My setup is this:

      Bridged router -> (WAN) pfSense -> (LAN) internal network

      Now I'm accessing this network using another internet line, then through VPN. My connection is successful and I can ping machines in the network.
      Now, is it possible to go out and browse the internet using the WAN IP?

        Tagashy

        I'm not sure what you're trying to do, but I will try to give you an answer.

        I) If it's VPN over WAN:
        just tell pfSense to connect to your OpenVPN server with the WAN gateway.

        II) If it's accessing your LAN through WAN with VPN:
        1. Make an OpenVPN server on your pfSense that will listen on WAN.
        2. Make a firewall rule to accept incoming traffic from WAN to the port of your OpenVPN.

        III) Route your traffic through VPN:
        if it's just connecting to your pfSense through VPN and then accessing the WAN of this pfSense, it's just some routes to add to your configuration (if it's all your network that should travel through your tunnel, don't forget the local route).

        On your first router (the one that you use to access the internet):
        first, create a static route to access your VPN (use your WAN gateway);
        second, create a static route to access your network through the VPN (use your VPN gateway this time) (don't forget the first static route if it's all your network that should travel through your tunnel);
        finally, take a coffee and wait.

          rolf1316

          Well, I can't explain well, but what I want to happen is this:

          I go in using VPN, which can be done easily, then use the WAN interface to access the net. I can't really put it into words, but in a sense I want to take my pfSense's IP address when accessing the internet (checking using who.is).

          So the end point would be that I'll be having the IP address of the WAN interface, since this is an IP that is whitelisted to another router.

          Is this possible? I really can't explain it well, sorry.

          Thanks for your reply sir :)

            Tagashy

            I think I understand what you want to do: it's the third point, but with some changes.

            Your configuration is (correct me if I made a mistake):
            your computer -> a router -> some network -> your OpenVPN server -> your firewall with whitelist -> internet

            where your OpenVPN client is on your computer or the first router,
            and you want to access the internet with your OpenVPN server's public (or not) IP.

            If I'm right, what you have to do:

            1. Make an OpenVPN tunnel between the client and the server.
            2. Make your routing rules (the static one and the one for the network accessible through OpenVPN).
            3. Make outbound NAT on the public (or not) interfaces of your OpenVPN server (check if it's not done by default).
              rolf1316

              Here is a diagram of what I want to do. ( just to be clear )

              So I'm in the home network using my laptop and I can access remote network number 1 through VPN, plus I can access the 192.168.7.0 network.

              Now when I go in using VPN I get an IP address of 192.168.1.6 (since I configured OpenVPN to give a virtual network of 192.168.1.0, which is required when setting up the VPN and is allowed to access or should access the 192.168.7.0 network). (I also configured NAT to make this possible, translating all 192.168.1.0 network traffic to the 192.168.7.0 network.)

              What I want to achieve, though, is to go to remote network 2 passing through the WAN address so that it is considered to be from 132.56.7.10, because this static IP is whitelisted to the remote network 2 router.

              I hope it's clearer now, and sorry for being so misleading.

              Sorry for the late response I had to do something, thanks for your reply again sir.

              ![how to.png](/public/imported_attachments/1/how to.png)
                Tagashy

                Hi rolf

                What you said confirms that you need to access a distant network by VPN.

                Of the three steps that I told you, I think that you've already done the first two steps:
                1. Making your VPN functional
                2. Routing your traffic to it by static route (in French it's "route" but it is translated to "road" in English, so I'm not totally sure of the word)

                So you need to make an outbound NAT on your server (to masquerade your IP; like this you should access network 2 with the IP of the VPN, which has granted access).

                P.S. I'm going home as I write this, so I may have forgotten things.

                  rolf1316

                  Hi sir,

                  I have a connection to the internet now, thanks for your replies and help. My problem was in the NAT configuration; it's a bit misconfigured. haha

                  thanks  again sir ! :)
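
The three steps discussed in the thread (tunnel, routing, outbound NAT), written out as configuration using the thread's addresses. This is an added example, not configuration posted by either participant. The interface name `em0`, the placeholders `REMOTE_NET_2` / `REMOTE_MASK_2`, and the choice between options A and B are assumptions, since the thread does not give them.

```conf
# ---------------------------------------------------------------
# 1. OpenVPN server (on pfSense: VPN > OpenVPN > Servers)
# ---------------------------------------------------------------
# Tunnel network from the thread: the client received 192.168.1.6.
server 192.168.1.0 255.255.255.0

# 2. Routing pushed to the client. Pick ONE of the two options.
#
# Option A: send all client traffic through the tunnel, so every
# destination sees the firewall's WAN address.
push "redirect-gateway def1"
#
# Option B: send only remote network 2 through the tunnel and leave
# the rest of the client's traffic on its own internet line.
# REMOTE_NET_2 and REMOTE_MASK_2 are placeholders (not in the thread).
# push "route REMOTE_NET_2 REMOTE_MASK_2"

# ---------------------------------------------------------------
# 3. Outbound NAT on the WAN interface, as the equivalent pf rule.
#    GUI: Firewall > NAT > Outbound, Hybrid or Manual mode:
#      Interface   = WAN
#      Source      = 192.168.1.0/24   (the OpenVPN tunnel network)
#      Destination = any              (or remote network 2 only)
#      Translation = Interface Address
# ---------------------------------------------------------------
# Assumed WAN interface name; substitute the real one.
wan_if = "em0"

# Rewrite the source of tunnel traffic leaving WAN to the WAN
# address (132.56.7.10 in the thread), which is the address the
# remote network 2 router has whitelisted.
nat on $wan_if inet from 192.168.1.0/24 to any -> ($wan_if)
```

Narrowing the NAT rule's destination to remote network 2 (with option B) keeps the whitelisted address from being used for unrelated client traffic. On the firewall, `pfctl -s nat` lists the NAT rules that are actually loaded.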

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.