VPN and Netgate 1100
-
Hello all,
I appreciate you reading this.
I just set my Netgate 1100 and OpenVPN.
The OpenVPN server gave me an IP of 192.168.1.xxx
How can a client computer connect to the Netgate 1100 OpenVPN from another location if the IP address is not even reachable offsite?
Can you assign a static IP to the OpenVPN?
Thank you
-
@dbass I don't have one handy to look at, at the moment, but did you select the WAN interface?
@dbass said in VPN and Netgate 1100:
Can you assign a static IP to the OpenVPN?
To the remote client? With RADIUS one can assign an IP. At least, I've done that with IPSec.
-
Hi Steve
Thanks for the reply. I mean on the server where the Netgate 1100 is connecting. It gives me a private Network range. Example, my server had a static IP address before, but when I plug the Netgate 1100 into my myserver, It wants to assign network ranges of 192.168.1.xxx to the server. It says my static IP is out of range.
I hope I am explaining that ok.
Thanks
-
@dbass Are you trying to use the 1100 as a VPN client? A site to site would be more like https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-tls.html. The IP ranges on each LAN don't need to change, the routers handle routing packets.
If that's not the case can you post a diagram?
-
@steveits Hi Steve,
Yes, that is correct. I am trying to use the 1100 as the VPN. I will look at the document.
Thanks
-
Steve, one ore question. Thank you for your help!
Maybe I am not understanding this, or doing this wrong. Let me explain my Use Case.
I want users to be able to see our network from home.
I have the server ip address set as a static IP. 47.xxx.xxx.xxx
When I installed the Netgate. It said to take out the Nwtwork Cable that usually goes into the server, and plug it into the Netgate 1100 WAN Port. Then I take another ethernet cable that is plugged into the LAN port of the 1100 and plug that into the server as its IP Source.
The Netgate wants everything to be on the 192,168,1,xxx network on the server.
So all network traffic is going through the Nethate 1100 first before going to the server.
Is this wrong? Maybe
Another thought. The server has multiple NIC cards. Maybe I use my source Network cable in one and use another NIC card to route the Netgate?
Thanks
-
@dbass A public IP can only be used once. If you use NAT then LAN gets a private IP range, and you need NAT port forwarding rules to connect to the server on LAN.
If the server actually needs a public IP then you need to get another IP range from the ISP so they can route the public IP to you.
https://docs.netgate.com/pfsense/en/latest/recipes/route-public-ip-addresses.html