Author Topic: 2 x OpenVPN Connection, how to nat/use rules?  (Read 2847 times)

Gargamel

2 x OpenVPN Connection, how to nat/use rules?
« on: October 12, 2017, 06:24:24 pm »
Hi.
I have now come so far that I have 2 OpenVPN connections up.
One has a "public ipv4", intended for my servers. And the other is for any day use by unspecified users.

I have set up an alias, in which I have specified my computer's IP (10.220.0.1) and computername.localdomain.
In NAT -> Outbound I have created a rule at the top that specifies my alias as source and the public ipv4 connection as interface; the rest is defaults.
Below this rule I have specified any as source and the other OpenVPN connection as interface.

When I look up "my ip" I get the non-public ipv4 IP.

I have tried to create a LAN rule, specifying source=my alias, to use the public ipv4 gateway, and still I get the non-public one.

Where and how should I create rules/NAT to be able to specify which LAN IP goes to which OpenVPN connection?

I wish to make the default always non-public, and specify certain IPs to go through the public one.

robvh

Re: 2 x OpenVPN Connection, how to nat/use rules?
« Reply #1 on: October 12, 2017, 07:56:00 pm »
In your LAN rules, you should write that Source alias1 can go to Dest "any" via Gateway1.
A 2nd rule states that Source alias2 can go to Dest "any" via Gateway2.
If you cannot specify your list of servers as an alias, you could try to add a Block rule that prevents your "private" alias going into the public gateway.
« Last Edit: October 12, 2017, 08:02:06 pm by robvh »

Gargamel

Re: 2 x OpenVPN Connection, how to nat/use rules?
« Reply #2 on: October 12, 2017, 08:03:42 pm »
Quote from: robvh on October 12, 2017, 07:56:00 pm
In your LAN rules, you should write that Source alias1 can go to Dest "any" via Gateway1.
A 2nd rule states that Source alias2 can go to Dest "any" via Gateway2.
If you cannot specify your list of servers as an alias, you could try to add a Block rule that prevents your "private" alias going into the public gateway.

1) Should I have some NAT settings for the OpenVPN connection?
2) Either the connection dies, because I try to use the OpenVPN client in the gateway.
3) If I change the rule to use WAN_DHCP it's still dead.
4) If I change the rule to default, it works, but then goes on WAN and not OpenVPN.

Gargamel

Re: 2 x OpenVPN Connection, how to nat/use rules?
« Reply #3 on: October 13, 2017, 10:52:14 am »
Can anyone explain why I get locked out from the network when I add this LAN rule?
IPv4 *   Stefan     *   *   *   OVPNPUBLICIPV4_VPNV4   

Stefan = 10.220.0.1, Gargamel, Gargamel.localdomain
OVPNPUBLICV4_VPNV4 = current online vpn connection/gateway

Also, internet dies for this host; I cannot even ping the firewall 10.220.0.254, and cannot "dig" or ping the outside world with this pass rule.