# OpenVPN for LAN



## jcoldwell (Jul 6, 2011)

Hello,

I have a FreeBSD box which I use as a router for my LAN. On that router, I use OpenVPN to connect to a VPN service. I only want to route traffic to 33.33.33.33 through that VPN-tunnel:

```
route-nopull
route 33.33.33.33 default vpn_gateway
```

That works fine on the machine running OpenVPN (router), but not for the computers on my LAN. Traceroute from the LAN just goes to the router, but not beyond.

How do I fix my routes so that LAN computers use the VPN tunnel to connect to 33.33.33.33?


----------



## pbd (Jul 6, 2011)

Do you have


```
gateway_enable="YES"
```

in /etc/rc.conf on the router?


----------



## kpa (Jul 6, 2011)

You'll need to NAT the traffic going out via the VPN tunnel, the VPN server most likely doesn't know about your local LAN network so the return traffic has no route back to your network. pf(4) is probably the easiest to set up to do the NAT'ing.


----------



## jcoldwell (Jul 7, 2011)

kpa said:
			
		

> You'll need to NAT the traffic going out via the VPN tunnel, the VPN server most likely doesn't know about your local LAN network so the return traffic has no route back to your network. pf(4) is probably the easiest to set up to do the NAT'ing.



Thank you for the pointer, it works now.


----------

