Netgate Discussion Forum

OpenVPN IPSEC ISOLATION

  • A
    achraf67
    last edited by Jan 11, 2018, 3:58 PM

    Hello all,

    I have an IPSEC connection between two pfSense as below.

    LAN1 (192.168.17.0/24)–---pFsense1 ----ipsec------ pFsense2--------LAN2 (10.3.4.0/20).

    I added an OpenVPN connection to my first LAN1, in the network (192.168.18.0/24).
    My topology works well; with my mobile I can reach the 10.3.4.X devices through the OpenVPN and IPSEC tunnel.

    My question is about how to isolate the OpenVPN client.
    For example, toto1 gets an IP address on the OpenVPN and can reach only the 10.3.4.Y devices...
    In the long term, I will have more than 300 users, and I cannot just use firewall rules... I need a scalable solution to do that.
    Moreover, the users cannot ping other users even in the same subnet.

    So my questions:

    How to isolate OpenVPN networks? Iptables?
    How can I log the users? LDAP? VLAN?

    Thank you for your time, your reflection and your proposition.

    Sorry for my English.

    A+

    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.