VPN with DHCP from server LAN
-
@jarhead thank you, can you tell me how to configure it and how to assign the tunnel to the 3rd NIC?
-
@djdmx
https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-bridged.html
-
@jarhead thank you so much, I'll try and let you know
-
@djdmx
Just to add, if you don't have at least a 500/500 internet at both sites, it's gonna be tough.
Tap VPNs were always frowned upon, but it was never the VPN, just because the internet connections weren't fast enough. I remember I hit a few snags setting it up so any problems you have, just post here. I should be able to remember what I did.
-
@jarhead thank you!
I correctly set up pfSense at home as an OpenVPN server, in tap mode, bridged with the LAN interface. Now I have to configure the second pfSense as an OpenVPN client and assign it to the 3rd NIC.
Any suggestion?
-
@jarhead I have some problems with tunnel configuration:
I set up the server side in Peer to Peer (Shared Key) mode (in this mode it's not possible to select "Bridge DHCP"), and the same Peer to Peer (Shared Key) mode on the pfSense client.
On the server I created a bridge with OpenVPN and LAN.
The tunnel is working (the client correctly connects to the server), but it doesn't obtain an IP address from the server's LAN DHCP.
-
@djdmx said in VPN with DHCP from server LAN:
Peer to Peer (Shared Key
That is going away anyway - I would suggest from doing any sort of anything with shared key as the setup
https://redmine.pfsense.org/issues/12981
Warn about OpenVPN shared key deprecation
-
@johnpoz Thank you, I know that. It's only for the first test
-
I did it!
This is my configuration:
SERVER
OpenVPN settings:
Peer to Peer (Shared Key)
Tap mode
UDP on IPV4
Interface WAN
Port 1194
Data encryption (default 256-bit)
Tunnel IP4 network 192.178.168.0/30

Interfaces:
OpenVPN interface assigned to OPT1
Bridge with LAN and OPT1

Firewall rules:
WAN -> permit UDP 1194 from any to WAN
OPT1 -> permit any IPv4 from any to any
BRIDGE -> permit any IPv4 from any to any
OPENVPN -> permit any IPv4 from any to any

CLIENT
OpenVPN settings:
Peer to Peer (Shared Key)
Tap mode
UDP on IPV4
Interface WAN
Server host -> my_server_IP
Server Port 1194
Data encryption (default 256-bit)
Tunnel IP4 network 192.178.168.0/30

OpenVPN interface assigned to OPT1
Bridge with LAN2 and OPT1 with DHCP IPv4 address

Firewall rules:
OPT1 -> permit any IPv4 from any to any
LAN2 -> permit any IPv4 from any to any
BRIDGE -> permit any IPv4 from any to any
OPENVPN -> permit any IPv4 from any to any

Now I'll try to move to Peer to Peer (SSL/TLS) ;-)
-
@djdmx Good to hear!!
Sorry I haven't answered any of your posts, just getting over the flu. But you didn't need my help anyway!