Openvpn - Firewall issue

[jerome.meynier]

HI every one
I got a specific request and currently i am facing an issue with Open VPN server and Firewall.

The scenario is that i got opnsense deployed in a APU2C2 box

WAN private IP 172.16.11.250/24 connected to internet box (gw 172.16.11.254)
Lan private ip 10.11.0.254 /16

I need to have a vpn connection to get acces to LAN servers for a security reason .

The specific request is that the vpn connection need to establish from wan side but on the Private IP not the public IP nat.

If i NAT the Public IP to the private IP it s works BUT if i try to establish VPN connection from Private IP (another machine in WAN with by example ip 172.16.11.251) it doesn't.

TO be more precise i got the first connection ok but no response for authentification .

I precise that i untick Block private networks and Block bogon networks on WAN interface

Moreover if i tick the Disable Firewall in Firewall/advanced it s works too.

I suppose i got a rules that prevent OPEN VPN  connection from private ip in WAN interfaces but didn't found where to deselect.

TO finish my firewall rules are currently quite out fo the box with openvpn rules added by wizard .
I can access to internet from LAN to WAN and just add one rules to authorize ICMP on WAN size to check i got connectivity from the test machine (the 172.16.11.251) from where i try to establish vpn connection.

Anyone had an idea of what happen???

Thanks in advance