Hi Roger. Just ensure the OpenVPN server on the pfsense box is disabled and then nat through as normal. I have this working at home on an Alix 2D3.
Brett.

On 12/12/2011 12:20 p.m., Roger Searle wrote:
> I've put a pfsense install on an alix box - some [0]nice gear from the
> nice people at nicegear.co.nz - to replace an ipcop 1.4 box that was
> approaching 10 years old. On the LAN I have a Lucid LTS box running
> OpenVPN, previously I had UDP/1194 open on the IPCop box and on the DSL
> router, and could connect nicely.
>
> I'm not clear how (or if) I can do similar port forwarding on pfsense,
> seems to insist on being the OpenVPN server itself if I choose 1194,
> therefore use its certificate manager etc, effectively leading to
> abandoning a perfectly good OpenVPN service.
>
> Do others have an internal OpenVPN server working OK through pfsense?
> Is the right approach to use a different port inside the DSL router, for
> example, forward UDP/1194 from the internet to UDP/1195 on the pfsense
> WAN address, have a pfsense WAN rule for UDP/1195 and NAT port forward
> to the OpenVPN server's IP address, and have the server listen on 1195?
> This is what I am trying without success so perhaps I am overlooking
> something further or this is a bad approach, any feedback to resolve
> this would be appreciated. Clients attempting to connect give this in
> their log indicating the firewall blocking:
>
> Mon Dec 12 11:49:38 2011 TLS Error: TLS key negotiation failed to occur
> within 60 seconds (check your network connectivity)
> Mon Dec 12 11:49:38 2011 TLS Error: TLS handshake failed
>
> Regards
> Roger
>
> [0]https://nicegear.co.nz/single-board-computers/pc-engines-alix-2d3/
>
> _______________________________________________
> Linux-users mailing list
> [email protected]
> http://lists.canterbury.ac.nz/mailman/listinfo/linux-users

--
Regards,
Brett Davidson
Systems Engineer
RHCE, CCNA, MCSE, SCSA, NZCE, TC(Electronics)
--
Net24 Limited
Phone: 0800 5000 24 | DDI: +64 3 962 9518 | Web: www.net24.co.nz
--
// web hosting / email hosting / data backup / VPS
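
An added check, not part of the original thread: once the port forward is in place, this sends the first packet of an OpenVPN UDP handshake through the forward chain and reports whether the internal server answered, which separates "UDP is not reaching the server" from other handshake problems. It assumes the server does not use tls-auth or tls-crypt (such a server silently drops this packet, so "no-reply" is then inconclusive); the function names and the address in the usage line are placeholders.

```python
import os
import socket

# OpenVPN control-channel opcodes (upper 5 bits of the first byte).
P_CONTROL_HARD_RESET_CLIENT_V2 = 7
P_CONTROL_HARD_RESET_SERVER_V2 = 8


def build_client_reset(session_id: bytes) -> bytes:
    """First UDP packet of an OpenVPN handshake (no tls-auth/tls-crypt)."""
    opcode = P_CONTROL_HARD_RESET_CLIENT_V2 << 3  # key_id 0 in the low 3 bits
    # opcode | 8-byte session id | ACK count 0 | packet id 0
    return bytes([opcode]) + session_id + b"\x00" + (0).to_bytes(4, "big")


def classify_reply(reply: bytes, session_id: bytes) -> str:
    """Decide whether a datagram is the server's answer to our reset."""
    if len(reply) < 14 or reply[0] >> 3 != P_CONTROL_HARD_RESET_SERVER_V2:
        return "unexpected-reply"
    ack_count = reply[9]
    # After the ACK list the server echoes the session id it is answering.
    remote_sid = reply[10 + 4 * ack_count:18 + 4 * ack_count]
    if ack_count and remote_sid == session_id:
        return "server-answered"
    return "unexpected-reply"


def probe(host: str, port: int = 1194, timeout: float = 3.0) -> str:
    """Send one reset through the forward chain and report what came back."""
    session_id = os.urandom(8)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.connect((host, port))  # connected UDP socket: ICMP errors surface
        try:
            sock.send(build_client_reset(session_id))
            reply = sock.recv(2048)
        except socket.timeout:
            # Same condition the client log reports after 60 seconds.
            return "no-reply"
        except ConnectionRefusedError:
            return "port-closed"  # an ICMP port-unreachable came back
    return classify_reply(reply, session_id)


if __name__ == "__main__":
    # 203.0.113.10 is a placeholder for the public address of the DSL router.
    print(probe("203.0.113.10", 1194))
```

Run it from outside the LAN; a "no-reply" result while the same probe succeeds from inside the LAN points at the DSL router or pfsense forward rather than at the OpenVPN server.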
