Dear all,
I use two OpenVPN servers (vpn0 (10.10.230.0/23), vpn1 (10.10.232.0/24)) to route the traffic through different gateways (10.10.210.2 (default), 10.10.202.2). So I created two Firewall routes in Zone "OpenVPN":
1) Source 10.10.232.0/24 -> Gateway 10.10.202.2.
2) Source * -> Gateway *
The second rule makes use of the default gateway. Now I can observe that, when pinging a host outside of the VPN network, from a client of vpn0 the VPN-Client-IP, i.e. 10.10.230.5, is used as sender, and from vpn1 the Gateway IP address 10.10.202.2 (observed via tcpdump).
When I modify rule 1) and set the default GW, the Client-IP is also used (i.e. 10.10.232.8).
As I want to identify the VPN client by IP address inside my networks, how can I prevent that the gateway IP appears instead of the client IP? Any ideas?
Thank you very much,
Markus
Seems as if you have an outbound NAT rule for vpn1.
Send a screenshot of Firewall:NAT:Outbound.
Thanks for your reply. Please see the screenshot attached:
That looks weird. Outbound NAT on LAN and LANADMIN interface?
What interfaces do you have? Usually outbound NAT is only needed on the WAN interface. I would try to set it to manual rules so that no automatic rules are in place.
Make a backup before you do this :)
Hm, after setting it to manual rules I had a lot of trouble. The GUI was not reachable and OpenVPN refused to work at all (soft-connection-reset received.)
I have 3 interfaces, LAN, LANADMIN and WAN. I'm a bit perplexed.