Hi, On Mon, Aug 22, 2016 at 9:03 PM, Dreetjeh D <[email protected]> wrote:
> >Guess you want all out-of-LAN traffic from the win7 box (192.168.30.9) to > go through the VPN to the NAS and then exit out of it. > > Probably did not read the whole mail, but is no problem :) > I read the whole thread before replying and the above line was my summary of what I thought you wanted to do. Are you saying you do not want traffic from win7 to go over the VPN? > The goal is to have "VPN-ON.cmd" and "VPN-OFF.cmd" on Win7 so one can > select when want to go over VPN, exit at NAS/Modem2. > Making such on and off commands is a trivial exercise once you figure out how to do the routing. And the instructions I gave was to make the routing happen. Did you try it? > > >First make sure you can ping 192.168.5.1 (modem2' LAN interface?) from > win7. > Yes, the 192.168.5/24 is available to the Win7, 192.168.30/24 > The other way around is also the case. > Good. > > >On win7: change the default gateway to pfsense (192.168.30.?) > This was and still is the case. > Not according to your previous mail where you said the default gateway on win7 is 192.168.30.1. Unless that is also the IP of ipfsense which you did not mention. . > I thought changing GW on Win7 can make it go over VPN but I seem to be > unable to change GW properly. > What does that mean? Let me try again: Is pfsense the default gateway of win7 or not? If it is, what do you mean by "unable to change the GW properly"? > It`s Win7 Home by the way. > > >On pfSense: Add a direct route to the public IP of NAS (modem2's WAN IP?). > >Change pfsense's default gateway to the vpn IP of NAS. > I think this will lead to the whole 192.168.30/24 (also VLAN`s) go over > VPN? > Just want Win7 to go over VPN with VPN-ON.cmd and VPN-OFF.cmd > I did give you and an alternative that starts with "if you do not want to change the gateway of pfsense...." Do not get fixated by the on and off commands. Once the routing starts working just make two bat files that changes the gateway on win7 and call them vpn_on.bat and vpn_off.bat or whatever, that's the easy part. Before that you have to set up the required routes on pfsense and NAT on the NAS or modem2. > > >If you do not want to change the gateway of pfsense, have a routing > policy > >that makes all packets with source = 192.168.30.9 go through the VPN. > This will make Win7 always go over VPN? > Yes it will, provided you know how to set up policy based routing on pfsense. I do not use pfsense, but should be possible. . > > As soon as time permits I will post a diagram somewhere, maybe the > situation will be more clear. > I think the network diagram is reasonably clear from your earlier emails. What is not clear is existing route on win7 and whether you added a route on pfsense for packets from win7 to go via the VPN. Only pfsense can route the packets to NAS through the tunnel as those are the two connected by the tunnel. Selva
------------------------------------------------------------------------------
_______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
