Netgate Discussion Forum

    OpenVPN Site to Site

    General pfSense Questions
    24 Posts 5 Posters 2.2k Views
    • J
      Jarhead @brandon-lizard

      @brandon-lizard https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-bridged.html

      • B
        brandon-lizard @Jarhead

        @jarhead Say I created a VLAN on my home network switch. How would that work with pfsense?

        • R
          rcoleman-netgate Netgate @brandon-lizard

          @brandon-lizard You would create VLAN tags on pfSense and create interfaces out of those VLANs.

          Ryan
          Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
          Requesting firmware for your Netgate device? https://go.netgate.com
          Switching: Mikrotik, Netgear, Extreme
          Wireless: Aruba, Ubiquiti

          • J
            Jarhead @brandon-lizard

            @brandon-lizard If this whole project is something you're just doing as a test, my need for a tap also needed 3 different vlans. I was able to trunk the tap and send all 3 (or more, tried 5) vlans over the vpn.

            I was surprised it actually worked but I think the stigma around tap VPNs had a lot to do with the actual internet connection. It worked great for me with a 500M fiber connection on both ends and my ping time only increased by 3-10ms when using the "other" side.

            • stephenw10S
              stephenw10 Netgate Administrator @brandon-lizard

              @brandon-lizard said in OpenVPN Site to Site:

              Yes, dhcp is running on the server side.

              But is it actually running on pfSense or on some other server at that site?

              You might want to look at running a DHCP relay instead.

              Steve

              • stephenw10S
                stephenw10 Netgate Administrator @Jarhead

                @jarhead said in OpenVPN Site to Site:

                I was surprised it actually worked but I think the stigma around tap VPNs had a lot to do with the actual internet connection. It worked great for me with a 500M fiber connection on both ends and my ping time only increased by 3-10ms when using the "other" side.

                This is very true. Most of the bad rep TAP gets is from people who set it up over a >100ms link and then hit issues when the broadcast domain includes that.

                It's possible to do some interesting combinations of routing over TAP with some manual editing. That can be useful.

                Steve

                • B
                  brandon-lizard

                  I have got it working. I am able to PXE boot from a server on the remote network. However, the TFTP is super slow. How can I speed that up?

                  • stephenw10S
                    stephenw10 Netgate Administrator

                    How slow? What's the latency to the server?

                    What bandwidth do you see across the tunnel for other protocols?

                    TFTP is a basic protocol, there's not much you can do there.

                    • B
                      brandon-lizard @stephenw10

                      @stephenw10 I am not sure exactly where to look for that information. The server on my remote side runs a custom Linux operating system and has a DHCP, PXE and TFTP server.

                      Here is my setup:
                      Client Computer -> VLAN Switch -> Local pfSense Firewall -----> OPENVPN TAP ------> Remote pfSense Firewall -> Remote LAN with server

                      • stephenw10S
                        stephenw10 Netgate Administrator

                        When you say it's 'super slow' what are you actually seeing?

                        If you ping the server across the tunnel what are the ping times?

                        Steve

                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.