Added note to create NAT outbound rule for redirect-gateway to work (#554)

* Added note to create NAT outbound rule for redirect-gateway to work https://github.com/opnsense/core/issues/7318 * Added a brief info abount redirect-gateway --------- Co-authored-by: Thomas Cekal <admin@cekal.org>
2024-11-10 19:10:55 +00:00 · 2024-04-15 13:10:55 +02:00 · 2024-04-15 13:10:55 +02:00 · d838de2615
commit d838de2615
parent 594fd7a696
1 changed files with 5 additions and 0 deletions
--- a/source/manual/how-tos/sslvpn_instance_roadwarrior.rst
+++ b/source/manual/how-tos/sslvpn_instance_roadwarrior.rst
@ -146,6 +146,7 @@ TLS static key          choose the prepared static key
 Authentication          Local Database  :sup:`2`
 Strict User/CN Matching [V]  :sup:`3`
 Local Network           192.168.8.0/24
+Redirect gateway        Leave empty :sup:`4`
 ======================= =======================================

 .. admonition:: Note  :sup:`1`
@ -163,6 +164,10 @@ Local Network           192.168.8.0/24
   Selecting the "Strict User/CN Matching" option warrants only matching user/certificate can login, when sharing a single
   vertificate between clients this option needs to be deselected.

+.. admonition:: Note  :sup:`4`
+
+   If you want all outgoing IP traffic to be redirected over the VPN, you can set the option to :code:`default`.
+   For this to work, a manual NAT outbound rule must be created.

 Next go to :menuselection:`Firewall --> Rules --> WAN` and add a rule to allow traffic on port :code:`1194/UDP` from the other
 host. At minimum we should add a rule similar to this one: