  • OPNsense Forum »
  • English Forums »
  • 24.1 Legacy Series »
  • [Solved] - Port Forwarding on VPN Interface
Author Topic: [Solved] - Port Forwarding on VPN Interface  (Read 669 times)

ligand

[Solved] - Port Forwarding on VPN Interface
« on: June 27, 2024, 05:45:56 am »
Hi Everyone!
I'm banging my head on this problem and am hoping that someone can help me.  I set up a VPN to a VPN provider and enabled policy based routing and NATing.  I am able to run curl ifconfig.me and my VM shows the public IP of the VPN address.  I want to port forward a port from the public IP of the VPN tunnel to the VM participating in the policy based routing.

Using tcpdump, I see traffic coming into the VPN tunnel
23:19:28.717855 IP 45.33.50.110.50954 > 10.2.20.23.51413:

I see traffic hitting the VM and I see the VM responding
23:19:29.653702 IP 45.33.50.110.50954 > 192.168.25.11.51413:
23:19:29.653745 IP 192.168.25.11.51413 > 45.33.50.110.50954:

But I don't see response traffic leaving the VPN tunnel.

I see the response traffic hitting the LAN interface so I know it's making it back to the firewall
23:19:44.042532 IP 192.168.25.11.51413 > 45.33.50.110.50954:

I'm frankly at a loss and am hoping someone can help me figure out what I'm doing wrong.  Also let me know if additional information would be helpful.

Here's what I see with the live view

lan      2024-06-26T23:44:26-04:00   45.33.50.110:56016   192.168.25.11:51413   tcp   let out anything from firewall host itself
   
VyperVPN      2024-06-26T23:44:26-04:00   45.33.50.110:56016   10.2.20.23:51413   tcp   rdr rule
« Last Edit: June 27, 2024, 12:59:11 pm by ligand »

Monviech (Cedrik)

Re: Port Forwarding on VPN Interface
« Reply #1 on: June 27, 2024, 05:53:34 am »
Did you enable reply_to and select the VPN interface in the Firewall Rule that allows the traffic of the port forward?
Hardware:
DEC740

ligand

Re: Port Forwarding on VPN Interface
« Reply #2 on: June 27, 2024, 12:58:35 pm »
Quote from: Monviech on June 27, 2024, 05:53:34 am
Did you enable reply_to and select the VPN interface in the Firewall Rule that allows the traffic of the port forward?
Hi!  Thank you for the response.  You're right!  I needed to enable reply_to and set it to the VPN interface.  It works like a champ now!  :-). I now see the firewall rule being used in live view. :-)

lan      2024-06-27T06:55:59-04:00   45.33.50.110:40140   192.168.25.11:51413   tcp   let out anything from firewall host itself   

VyperVPN      2024-06-27T06:55:59-04:00   45.33.50.110:40140   192.168.25.11:51413   tcp   Allows inbound to Transmission   

VyperVPN      2024-06-27T06:55:59-04:00   45.33.50.110:40140   10.2.20.23:51413   tcp   rdr rule

Thanks again!   :D
« Last Edit: June 28, 2024, 04:37:21 am by ligand »
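
Added example, not part of the original thread or of OPNsense: a small Python check that automates the per-interface capture comparison from the first post and reports where the reply to a port-forwarded connection is last seen. The interface labels ("vpn", "lan"), the function names and the extra line in FIXED are constructed for illustration; it assumes the reply appears on the tunnel with the tunnel address as its source once reverse NAT has been applied.

```python
import re

# tcpdump line shape used in the thread: "<time> IP <src>.<sport> > <dst>.<dport>:"
LINE = re.compile(r"^\S+ IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")

def parse(lines):
    """Return (src, sport, dst, dport) for every line that matches LINE."""
    hits = (LINE.match(line.strip()) for line in lines)
    return [(m[1], int(m[2]), m[3], int(m[4])) for m in hits if m]

def reply_path(captures, tunnel_if, lan_if, tunnel_ip, internal_ip, port):
    """Classify where the reply to a forwarded connection is last seen.

    captures maps an interface label to its tcpdump lines. The rdr rule
    rewrites tunnel_ip:port to internal_ip:port, so the reply shows up as
    internal_ip on the LAN side and as tunnel_ip when it leaves the tunnel.
    """
    tun = parse(captures.get(tunnel_if, []))
    lan = parse(captures.get(lan_if, []))
    clients = {(s, sp) for s, sp, d, dp in tun if (d, dp) == (tunnel_ip, port)}
    if not clients:
        return "no inbound traffic on tunnel"
    if not any((s, sp) in clients and (d, dp) == (internal_ip, port)
               for s, sp, d, dp in lan):
        return "not forwarded to LAN: check the rdr and pass rules"
    if not any((s, sp) == (internal_ip, port) and (d, dp) in clients
               for s, sp, d, dp in lan):
        return "host did not reply: check the service and host firewall"
    if any((s, sp) == (tunnel_ip, port) and (d, dp) in clients
           for s, sp, d, dp in tun):
        return "ok"
    return "reply reaches firewall but never leaves tunnel: check reply_to on the pass rule"

# Capture lines as posted in the thread (state before the fix).
BROKEN = {
    "vpn": ["23:19:28.717855 IP 45.33.50.110.50954 > 10.2.20.23.51413:"],
    "lan": ["23:19:29.653702 IP 45.33.50.110.50954 > 192.168.25.11.51413:",
            "23:19:29.653745 IP 192.168.25.11.51413 > 45.33.50.110.50954:"],
}
# Constructed: same flow plus the reply leaving the tunnel (state after the fix).
FIXED = {
    "vpn": BROKEN["vpn"] + ["23:19:29.653801 IP 10.2.20.23.51413 > 45.33.50.110.50954:"],
    "lan": BROKEN["lan"],
}

if __name__ == "__main__":
    for name, caps in (("before", BROKEN), ("after", FIXED)):
        print(name, "->", reply_path(caps, "vpn", "lan", "10.2.20.23", "192.168.25.11", 51413))
```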