On 5/9/2014 8:02 AM, Thierry De Leeuw wrote: >> I have some trouble to setup port forwarding with multiple interfaces. >> When a connection is initiated from the VPN tunnel (SYN), the SYN/ACK >> is sent from the VPN IP but throught the pppoe interface (which is the >> default gw, but I would expect the NAT to take care of that - maybe I >> am wrong?). >> I would like that my server is accessible from both pppoe and VPN tunnel.
The "multiple interfaces" bit works fine when they're both actually WANs, but when one is a VPN it doesn't work that way by default. To get the behavior you want with OpenVPN, where reply-to sends the packets back the way they came in, you'll need to do the following: 1. Assign/enable the OpenVPN interface from Interfaces > (assign). Set it to an IP type of 'none' 2. Restart the VPN (edit/save) 3. Move firewall rules from the OpenVPN tab to the new interface tab. No rules on the OpenVPN tab can match the traffic. Jim _______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
