Can a remote access VPN be used when onsite
-
Greetings,
While I have plenty of IT work in the past, I a noob at pfSense (and firewalls in general) so please excuse me if this rudimentary.
I'm a volunteer and am setting up a netgate/pfSense for a small non-profit and want to get it right before I install. I need to restrict access to servers based on users and the systems they need to access. I plan to set up 3 remote access openvpn's based on users' needs - three different ports with firewall rules to connect them to needed servers.
One of the users is very tech challenged and has complained with the old setup that he had to use two different methods if he was onsite vs offsite.
So.... Here's my question, if someone is onsite, can they still connect to resources using the openvpn intended for offsite access?
Thank you very much,
Leon -
@ccgc
When connecting to a VPN, the client adds routes for the remote networks to go over the VPN. So connections to remote resources use the VPN server as gateway.
However, gateways are only used to connect to addresses outside of the local subnet.This means, you can route all traffic to IPs outside of the clients subnet over the VPN, but connections to IPs within the clients network segment won't go over the VPN.
So if the client is in another subnet than the destination devices it would work.
-
@viragomann Thank you, sir! I will be implementing next week.