Re: [Openvpn-users] Port Forwarding / NAT / Routing

  Subject: Re: [Openvpn-users] Port Forwarding / NAT / Routing
  • From: "Prasanna Krishnamoorthy" <prasanna79@xxxxxxxxx>
  • Date: Wed, 17 Oct 2007 23:27:20 +0530

On 10/17/07, Aminuddin <amin.scg@xxxxxxxxx> wrote:
> Hi,
> I'm having a major headache trying to do the following:
> 1. Provide a port forwarding of various ports from vpn clients using PF.
> 2. Provide services such as www, smtp etc.. for different vpn clients
You need to do
1) Use ccd, to give fixed IP's to each client.
2) Use PF to NAT particular ports on the public IP to the
corresponding ports on the VPN IP.
3) Optionally use your own nameserver to map names to the VPN IP's so
other ppl on the VPN can access these services.

This is an interesting set of requirements. Can you tell me what this is for?


> Do you need to add or enable NAT in the vpn server to route traffic from the
> clients?
No, the tunnel can be used to route any traffic. You need to have a
corresponding iroute, or route setup so that OpenVPN does not drop any
packets which do not match it's routing filter which is used to
prevent spoofing.
