Bug #12408
closed
Input validation prevents creating 1:1 NAT rules on OpenVPN
0%
Description
Maybe related to https://redmine.pfsense.org/issues/11751 but for 1:1 NAT rules with OpenVPN interface selected
When attempting to create a 1:1 NAT rule on a OpenVPN interface the following error is presented,
The following input errors were detected:
The interface does not have an address from the specified address family.
This was not an issue for pfSense < 2.5. The existing 1:1 NAT rules (created pre-pfSense 2.5) for OpenVPN interfaces works so this seems to only be a issue with the frontend validation.
In issue 11751 it is stated that the fix should also fix the issue with OpenVPN but its does not.
Files
| Screenshot 2021-09-27 112827.png (92.6 KB) Screenshot 2021-09-27 112827.png | image showing the error | ||
| openvpn_int.png (11.5 KB) openvpn_int.png |
Updated by Chriss E about 3 years ago
Tested on Netgate pfSense Plus 21.05.1-RELEASE (amd64)
Updated by Chriss E about 3 years ago
The problem seems to be that the array value of 'openvpn' does not reflect the actual value sent by firewall_nat_1to1.inc
$vpn_and_ppp_ifs = array("l2tp", "pppoe", "enc0", "openvpn");
The value sent when selecting an OpenVPN interface is sent as interface "opt1" and not "openvpn" or "enc0" for IPSec.
Updated by Chriss E about 3 years ago
I worked around the issue temporarily by adding opt-interfaces to the array,
$vpn_and_ppp_ifs = array("l2tp", "pppoe", "enc0", "openvpn", "opt1", "opt2", "opt3");
Updated by Viktor Gurov about 3 years ago
Updated by Jim Pingle about 3 years ago
- Status changed from New to Pull Request Review
- Assignee set to Viktor Gurov
- Target version set to 2.6.0
- Plus Target Version set to 22.01
Updated by Viktor Gurov about 3 years ago
- Status changed from Pull Request Review to Feedback
Merged
Updated by Alhusein Zawi about 3 years ago
- File openvpn_int.png openvpn_int.png added
- Status changed from Feedback to Resolved
able to create 1:1 NAT on openvpn int.
2.6.0.a.20211013.0500