# How to properly forward all traffic through VPN in 11? (port forwarding)



## matuko (Nov 2, 2016)

I have FreeBSD 11 on a server where I've installed OpenVPN and I need to setup VPN properly to be able to put internet traffic through it.

I can't connect to the internet anymore from my local computer after I've established a connection with my server via VPN.  I guess the issue is port forwarding and I want to set it up properly via /etc/pf.conf.

Here's what I have:

```
sysctl net.inet.ip.forwarding  #=> net.inet.ip.forwarding: 1
```

And  

```
$ cat /etc/rc.conf
   
    ifconfig_vtnet0="dhcp"
    openvpn_enable="YES"
    openvpn_if="tun"
    gateway_enable="YES"
```


And the openVPN config of the server:


```
push "redirect-gateway def1 bypass-dhcp"
    push "dhcp-option DNS 208.67.222.222"
    push "dhcp-option DNS 208.67.220.220"
```


Yet, the error I have on the server observed in its logs is:


```
MULTI: bad source address from client [x.x.x.x], packet dropped
```

I've read the handbook but it wasn't clear what exactly I have to use from it.

What have I forgotten?


----------



## matuko (Nov 2, 2016)

I've added this


```
firewall_enable="YES"
firewall_type="open"
```

and now I'm able to connect to the internet but the error with dropping the packets remains.


----------



## SirDice (Nov 3, 2016)

Please don't bump threads. Your issue has nothing to do with port forwarding. Also note that firewall_enable enables IPFW, /etc/pf.conf is for PF. Those are two different firewalls.


----------

