Virtual private networks / OpenVPN Policy based routing: Gateway as sender IP?
« on: January 05, 2021, 09:50:19 am »
Dear all,
I use two OpenVPN servers (vpn0 (10.10.230.0/23), vpn1 (10.10.232.0/24)) to route the traffic through different gateways (10.10.210.2 (default), 10.10.202.2). So I created two Firewall routes in Zone "OpenVPN":
1) Source 10.10.232.0/24 -> Gateway 10.10.202.2.
2) Source * -> Gateway *
The second rule makes use of the default gateway. Now I can observe that, when pinging a host outside of the VPN network, from a client of vpn0 the VPN client IP, i.e. 10.10.230.5, is used as sender, and from vpn1 the gateway IP address 10.10.202.2 (observed via tcpdump).
When I modify rule 1) and set the default GW, the client IP is also used, i.e. 10.10.232.8.
As I want to identify the VPN client by IP address inside my networks, how can I prevent the gateway IP from appearing instead of the client IP? Any ideas?
Thank you very much,
Markus

