  • Subject: [Openvpn-users] Port Forwarding / NAT / Routing
  • From: "Aminuddin" <amin.scg@xxxxxxxxx>
  • Date: Thu, 18 Oct 2007 00:38:35 +0800

I'm having a major headache trying to do the following:

1. Provide port forwarding of various ports from VPN clients using PF.
2. Provide services such as www, smtp, etc. for different VPN clients.

My VPN server is also running PF and is the internet gateway. Everyone will connect
to the VPN server using a tun configuration and will be assigned an IP from the pool, and traffic is routed to the VPN server using the

Using socks or NAT, vpn clients are able to browse and do whatever TO the
internet but none of them can provide services / listening FROM the
internet. Say if I have 4 of the clients wanting to have their own personal
www services, how do I automatically map the dynamic IP (tun) and www ports
to the PF in *BSD?

Are there any rules in PF that will allow OpenVPN users/clients without
natting the IP address but still allow them access (route all traffic) to
the VPN tunnel?

Do you need to add or enable NAT in the vpn server to route traffic from the


