Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
Outbound NAT (SNAT) on the tunnel interface is not working
« previous
next »
Print
Pages: [
1
]
Author
Topic: Outbound NAT (SNAT) on the tunnel interface is not working (Read 2208 times)
ggriff
Newbie
Posts: 7
Karma: 0
Outbound NAT (SNAT) on the tunnel interface is not working
«
on:
March 24, 2020, 07:21:19 am »
What I’m trying to achieve:
Client connected to OpenVPN server can access other machines on the LAN
Status:
VPN Client can connect and the LAN network is pushed to the client.
Routing table is setup correctly on the client 192.168.16.0/24 -> 172.30.10.1
Problem:
When pinging a machine on the LAN network from the VPN Client the
ping reply can’t be routed back because the traffic has a source IP of
172.30.10.X
I have enabled outbound NAT’ing on the TAP1 interface but it is not overwriting the source IP?
Main Router
Public IP: 1.2.3.4
Port Forward 1194 to 192.168.12.177
OPNSense Router:
OPNsense 20.1.3-amd64
Server Mode: Remote Access (SSL/TLS)
Dev Mode: Tun
Topology: Subnet
WAN 192.168.12.177/24 (GW: 192.168.12.1)
LAN 192.168.16.25/24
TAP1 172.30.10.1/24
Outbound NAT Rule:
// Hybrid Outbound NAT
Interface: TAP1
Source: 172.30.10.0/24
Destination: LAN net
NAT Address: LAN Address
Tcpdump –i ovpns1:
16:19:52.669289 IP 172.30.10.2 > 192.168.16.222: ICMP echo request, id 1, seq 1447, length 40
16:19:57.526968 IP 172.30.10.2 > 192.168.16.222: ICMP echo request, id 1, seq 1448, length 40
Can anybody shed some light on this please?
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Outbound NAT (SNAT) on the tunnel interface is not working
«
Reply #1 on:
March 24, 2020, 08:36:46 am »
Interface on outbound nat should be LAN, always the leaving interface
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
ggriff
Newbie
Posts: 7
Karma: 0
Re: Outbound NAT (SNAT) on the tunnel interface is not working
«
Reply #2 on:
March 24, 2020, 12:17:24 pm »
@mimugmail Thank you very much! This works now!
Strange thing is when I was still running OPNSense v19.7 I tried TAP1 & LAN as interface and neither worked...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.1 Legacy Series
»
Outbound NAT (SNAT) on the tunnel interface is not working