Change interface for outward traffic with OpenVPN enabled?

[demob]

I've tried tackling this problem for days on end with no success and am about to throw the towel in!

Here's my issue;

• I'm running a Transmission jail with OpenVPN.
• I have the transmission webGUI forwarded on my WAN for remote management.
• When OpenVPN is enabled, traffic for the webGUI is coming in via interface epair4b but leaving via tun0.
• It works correctly when OpenVPN is disabled.

I've searched for hours looking at hundreds of posts about setfib, ipfw, and ipfw nat but while I know what I need can't find an example close enough to work it out from there.

Can anyone help me find the magic I've been missing?

Jail's /etc/rc.conf

Code:

portmap_enable="NO" sshd_enable="NO" sendmail_enable="NO"                                                                          
sendmail_submit_enable="NO" sendmail_outbound_enable="NO"                                                                          
sendmail_msp_queue_enable="NO" hostname="transmission_1"                                                                           
devfs_enable="YES" devfs_system_ruleset="devfsrules_common"                                                                        
inet6_enable="YES" ip6addrctl_enable="YES"                                                                                         
transmission_conf_dir="/var/db/transmission"                                                                                       
transmission_download_dir="" transmission_enable="YES"                                                                             
openvpn_enable="YES"                                                                                                               
openvpn_configfile="/usr/local/etc/openvpn/openvpn.conf"                                                                           
openvpn_if="tun"                                                                                                                   
ip6addrctl_enable="YES"                                                                                                            
firewall_enable="YES"                                                                                                              
firewall_nat_enable="YES"                                                                                                          
firewall_logging="YES"                                                                                                             
firewall_type="/etc/ipfw.rules"                                                                                                    
hostname="transmission_1"                                                                                                          
defaultrouter="192.168.0.1"                                                                                                        
ifconfig_epair4b="inet 192.168.0.64/24"                                                                                            
                                                                                                                                   
static_routes="homenet homegate"                                                                                                   
route_homenet="-net 192.168.0.0/24 -interface epair4b -fib 1"                                                                      
route_homegate="default 192.168.0.1 -fib 1"

Jail's /etc/ipfw.rules (they currently do nothing except log the traffic proving the in/out interface issue)

Code:

flush
add 100 check-state
add 101 allow log tcp from any to any setup keep-state
add 5000 allow all from any to any

This is also probably a bad time to post this, as I'm away for a week from tomorrow, so sorry for any delayed replied, but I need to make this thread while I have the motivation to do so!

 

[dlavigne]

Were you able to figure this out?

 

[demob]

Nope still no joy, I was really hoping someone on here could shed some light on it for me!