Want to NAT over VPN but not the gateway's own traffic
kudzu at tenebras.com
Sat Mar 5 17:08:59 UTC 2016
$IF_TUN and $if_tun are meant to be the same, of course. I pasted those
from two different files.
On Sat, Mar 5, 2016 at 8:34 AM, Michael Sierchio <kudzu at tenebras.com> wrote:
> This is indeed possible. I've done this with a combination of ipfw, kernel
> nat, and firewall rules that explicitly use different route tables (man
> This is a brief snippet from a firewall that was routing different traffic
> differently, and using NAT on the OpenVPN tunneled traffic.
> setfib 1 route -q add default -interface $IF_TUN
> $FW nat 100 config if $if_tun
> $FW add nat 100 ip from any to any in recv $if_tun
> $FW add setfib 1 ip from $INSIDE_NET to any
> $FW add nat 100 ip from any to any out xmit $if_tun
> On Sat, Mar 5, 2016 at 2:55 AM, Malcolm Matalka <mmatalka at gmail.com>
>> I'm trying to have the following setup:
>> I have a host that is acting as a WiFi access point and then NATing
>> traffic to the internet. That host is running an OpenVPN client. So
>> wlan0 traffic is NAT'd to tun0. That is exactly what I want. However,
>> I would like to keep this setup of the WiFi AP going through the VPN but
>> the traffic of the machine itself to not go through the VPN.
>> Is this possible? How? I'm not sure what information I actually need
>> to get proper help.
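
The rule set quoted in this thread, consolidated as an added example (not code from the thread's authors), with the tunnel variable unified as the correction at the top says. The "ipfw -q" value for FW, the tun0 interface, the 192.168.10.0/24 inside network and the net.fibs check are assumptions; the default mode only prints the commands.

```sh
#!/bin/sh
# Added example: the thread's five commands with a single tunnel variable.
# Assumptions (not from the thread): FW is "ipfw -q", the tunnel is tun0,
# the WiFi clients sit in 192.168.10.0/24 (constructed value), and the
# kernel was booted with at least two FIBs (net.fibs >= 2).
FW="${FW:-ipfw -q}"

# Print the commands, in the thread's order, for tunnel $1 and IPv4 net $2.
# Returns 1 without printing any command if an argument looks malformed.
vpn_nat_rules() {
    if_tun=$1 inside_net=$2
    case $if_tun in
        ''|*[!A-Za-z0-9_.]*) echo "bad interface: $if_tun" >&2; return 1 ;;
    esac
    case $inside_net in
        ''|*[!0-9./]*) echo "bad network: $inside_net" >&2; return 1 ;;
    esac
    cat <<EOF
setfib 1 route -q add default -interface $if_tun
$FW nat 100 config if $if_tun
$FW add nat 100 ip from any to any in recv $if_tun
$FW add setfib 1 ip from $inside_net to any
$FW add nat 100 ip from any to any out xmit $if_tun
EOF
}

# Dry run unless mode is "apply"; apply executes each command in order.
run_vpn_nat() {
    mode=$1 if_tun=$2 inside_net=$3
    rules=$(vpn_nat_rules "$if_tun" "$inside_net") || return 1
    if [ "$mode" = apply ]; then
        # FIB 1 must exist, otherwise the setfib commands cannot work.
        [ "$(sysctl -n net.fibs)" -ge 2 ] || { echo "need net.fibs >= 2" >&2; return 1; }
        echo "$rules" | while IFS= read -r cmd; do $cmd || exit 1; done
    else
        echo "$rules"
    fi
}

run_vpn_nat "${1:-dry-run}" "${2:-tun0}" "${3:-192.168.10.0/24}"
```

Only packets sourced from the inside network are tagged onto FIB 1, so the gateway's own traffic keeps using the default route in FIB 0.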