Hi everybody!
I have installed OPNsense inside a VM and configured an OpenVPN server. My client computers can connect successfully using the TUN interface and access the internet. I need access to other resources on the host computers' network so I need a TAP interface. I have changed the interface from TUN to TAP and my clients can connect through the VPN however are unable to ping other devices on the host computers' network.
I suspect that I am having a lot of difficulty because I have not properly configured either firewall or routing rules using OPNsense. I think that the trouble I have is moving away from editing simple server.conf and iptables (simple text files) to driving the OPNsense nice looking graphical interface. I could not find any examples of how to configure is a lot more challenging to use than looking at a simple server.conf file and writing forwarding rules to iptables.
Could anyone provide an example of the firewall rules and iptables using the graphical interface?
I feel like it would be a big enhancement if OPNsense would load the server.conf and iptables routes inside a large text input object so I could read my full configuration and edit it using the existing web forms.
Thank you for any suggestions!
Quote from: TooTired on September 06, 2024, 02:59:25 PM
I need access to other resources on the host computers' network so I need a TAP interface.
Not really sure why do you need TAP for this.
If my text drawing will not shift, then this is what I am trying to do.
WWW ------ Router -------- eth0 -------- Debian (host) -------\
Router ---- different server on Deb host--- \ \
WWW Client ---- Router (port forward) ---- br0 (eth1) ---- OPNsense VM --- OpenVPN
I need the VPN client to be able to access a separate server locally hosted on the Debian Host. My understanding is that a this cannot be done using interface TUN but it can be done using interface TAP. I have done this in the past successfully with a Samba shared network drive.
If I can do this on TUN then I would love to understand how.