Hi,
I successfully followed the "how-to Setup SSL VPN Road Warrior (https://docs.opnsense.org/manual/how-tos/sslvpn_client.html)".
But it doesn't seem adapted to my company's network.
We have a Cisco ASA.
It handles all our subnets + NAT WAN/LAN.
The problem: when I am connected to the VPN (opnsense),
I need to manually add a dedicated route on each server.
Else the ICMP response ends up on the Cisco ASA.
ip route add 10.10.0.0/24 via IP_LAN_OPNSENSE dev ens224
Is there a way to modify the configuration to not give each client an IP on 10.10.0.0/24 (openvpn),
but instead let the clients be NATed to a unique IP (opnsense LAN)?
Like this, when it comes back, it will arrive directly on opnsense LAN.
I tried to search on Google with masquerade but could not find any lead.
Thanks for your help.
I tried to configure a NAT rule from openvpn_net to a virtual IP on my LAN without success ^^
Is it possible to NAT every VPN client to one LAN address?
I created a virtual IP (for example 192.168.10.5).
Openvpn server uses the range 10.10.0.0/24.
Is there a way to make all the VPN clients use 192.168.10.5 to connect to our servers?