STUMPED: Setting up OpenVPN server on FreeBSD (self.freebsd)
freebsd at fongaboo.com
Sat Aug 26 13:10:33 UTC 2017
I'm following this tutorial:
Trying this on an AWS instance first and then planning to try on a bare metal colo server.
OpenVPN client and daemon seem to be working, in terms of handshaking and
connecting with each other. Problem is, no matter what I do, connected
clients can't get out to the Internet through the server's gateway.
I've tried setting up NATD, like the tutorial instructs. I've tried
enabling ipfw_nat as described in this comment:
rc.conf (for NATD):
rc.conf (revised for ipfw_nat):
*xn0 = external interface of the server
Neither config allows Internet access. I have this line enabled in
push "redirect-gateway def1 bypass-dhcp"
Perhaps this is part of the solution?:
# Configure server mode for ethernet bridging
# using a DHCP-proxy, where clients talk
# to the OpenVPN server-side DHCP server
# to receive their IP address allocation
# and DNS server addresses. You must first use
# your OS's bridging capability to bridge the TAP
# interface with the ethernet NIC interface.
# Note: this mode only works on clients (such as
# Windows), where the client-side TAP adapter is
# bound to a DHCP client.
Any advice would be appreciated. I'm willing to try any combination of
ipfw vs. pf or natd vs. ipfw_nat or whatever if it will allow clients to
see the WAN. TIA!