Messages

1

24.1 Legacy Series / kea dhcpd reservations case sensitive

« on: March 18, 2024, 01:20:49 pm »

I have just switched to kea dhcpd and noticed that the MAAC address field is case sensitive. Any reservation you do NEEDS to have MAC addresses in all lowercase.
The WebUI is accepting uppercase but then the reservation is not working.

2

Virtual private networks / Re: OpenVPN Client to Network with NAT (solved)

« on: April 20, 2023, 10:59:47 pm »

Thanks pmhausen!

I have assigned ovpncX in Interfaces -> Assignments and after applying and making the interface active, the Firewall section contains a new network where I can configure NAT.

3

Virtual private networks / Re: OpenVPN Client to Network with NAT

« on: April 20, 2023, 02:54:11 pm »

I am NAT'ing the whole client network, the problem is OPNsense not using the correct IP (I assume).
In the screenshot, when enabling rule 2 it doesn't work. Only rule 1 with IP_ovpnc assigned to the local OpenVPN IP is working.
Or do you mean something different?
 

4

Virtual private networks / OpenVPN Client to Network with NAT

« on: April 20, 2023, 01:53:16 pm »

I have established a OPenVPN connection to a remote site which expects only a single machine as client.
This works from the Opnsense host itself, but not from any host inside the internal network.
That is because the client is using its internal IP and the remote end doesn't know about that network so it will not reply to those foreign subnet IPs. If I add a manual NAT rule for the OpenVPN network it works.

The problem I am facing now is once the OpenVPN client from Opnsense is reconnecting for whatever reason, it gets a new VPN IP assigned and the NAT rule stops working. Is there a way to dynamically assign an alias to the local IP of an OpenVPN endpoint -  in the screenshot IP_ovpnc2 ? A plain NAT rule for all OpenVPN connections is not working - I need to specify the correct endpoint IP to get it working.