An mar., juin 29, 2010, Jakob Schwienbacher schrieb:
>On 29 June 2010 11:42, Michael <monowall at encambio dot com> wrote:
>> If I swap the m0n0wall router out for a cheap home router that does
>> full cone NAT then all devices can connect to the OpenVPN server.
>> The router (and NAT) configuration:
>> M0n0wall 1.32 embedded
>> Services: Proxy ARP - No entries
>> Firewall: NAT: Inbound - No entries
>> Firewall: NAT: Server NAT - No entries
>> Firewall: NAT: 1:1 - No entries
>> Firewall: NAT: Outbound - ...
>> X 'Enable advanced outbound NAT'
>> Interface Source Destination Target
>> WAN 192.168.1.0/24 * * (no portmap)
>> With this config I can connect one OpenVPN device, but the others
>> fail to connect. There are no other problems, NAT or otherwise.
>Do you need the "Advanced outbound NAT" enabled? I have it just
>disabled and everythig works fine.
Good question. At least after I disable that, more than one device
can connect to the OpenVPN server, so the problem is solved.
The only question now is that I have a gut feeling that 'Advanced
outbound NAT' was enabled in the first place for a good reason.
That means I'll keep testing and hopefully discover that it can
be left disabled on my network.
Regards and thanks a lot,