I had to get VPN outbound traffic working as well, and I could only get it to work by doing some stuff in Outbound NAT.
Leave the auto-generated rules as is. Add a rule like: WAN, Source <IP range of the VPN>, and the NAT address set to the outside IP. (Maybe that outside IP is only needed when you have multiple outside addresses - which I do). Regards, -Jeppe On Wed, Sep 17, 2008 at 6:52 PM, Joe Laffey <[EMAIL PROTECTED]> wrote: > On Wed, 17 Sep 2008, Chris Buechler wrote: > >> On Wed, Sep 17, 2008 at 6:55 PM, Joe Laffey <[EMAIL PROTECTED]> wrote: >>> >>> I have pfsense set up with a WAN, a LAN, a DMZ, and a WIFI NIC (4 NICs). >>> I >>> would like to be able to use OpneVPN to connect from the WAN and access >>> hosts on both the LAN and the DMZ (encrypted through the vpn). >>> >>> Is this possible? I tried adjusting the netmask to make it big enough (I >>> use >>> 192.168.0.0 on the LAN and 192.168.2.0 on the DMZ). But this did not seem >>> to >>> work. For some reason I lost access to the LAN (192.168.0.0/24). >>> > > > So I am now trying to get ALL the traffic to go out through the VPN. I found > the push "redirect-gateway def1" option, and this seems to work in that it > routes all traffic over the VPN... > > BUT... I cannot get the NAT to work right to get out to the internet. I > tried adding an Outbound NAT setting for the subnet I setup for the VPN > (192.168.3.0/24). But this did not seem to work. > > Any thoughts on getting this to work? > > Thanks in advance. > > -- > Joe Laffey | Visual Effects for Film and Video > LAFFEY Computer Imaging | ------------------------------------- > St. Louis, MO | Show Reel http://LAFFEY.tv/?e11791 > USA | ------------------------------------- > . | -*- Digital Fusion Plugins -*- > -------------------------------------------------------------------------- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
