Netgate Discussion Forum

Inter Site Communication Between two VPN Clients Site

  • ashima (last edited Jan 24, 2018, 11:04 AM)

    Hello everyone,

    My scenario:

    pfSense working as OpenVPN server at head office

    Site A, Site B are connecting to the OpenVPN server at head office through an OpenVPN tunnel

    Communication happening between Site A and head office and vice versa
    Similarly between Site B and head office.

    I would like to access Server at Site A from Server at Site B. (Inter Site Communication)

    Unfortunately, the option Inter Client communication is not available for OpenVPN server (Site 2 Site)

    I tried putting Site A LAN subnet in CSO of Site B local network in OpenVPN server. This pushed the route to Site B. I was able to ping server at Site A from the firewall but not from any other device from Site B.

    What am I missing? Any help?

    Regards,
    Ashima

    • viragomann (last edited Jan 24, 2018, 2:14 PM)

      You need a CSO for both sites. Consider that CSO only works with TLS auth. and client certificates and that the common name in CSO must match that one in the cert.

      In the CSO for A enter the head office and the site B LAN subnets at "IPv4 Local Network/s" and the site A LAN at "IPv4 Remote Network/s".
      In the client config on A enter the head office and the site B LAN subnets at "IPv4 Remote network(s)".

      Accordingly, also configure CSO and client for B.

      Also configure the firewall rules on each node to permit the access.

      Consider that the operating system's firewall of the destination device may also block access from the other sites.

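An added example (not written by either poster and not pfSense code): a small Python model of the field layout described in the answer above. It reports which networks a site's configuration lacks and shows why Site A can answer a ping sourced from Site B's tunnel address but not one sourced from the Site B LAN. The addresses, the function names and the "before" state for Site A are constructed assumptions.

```python
import ipaddress

# Constructed addressing (the thread gives none): tunnel network and one LAN per site.
TUNNEL = "10.8.0.0/24"
LANS = {"HO": "192.168.1.0/24", "A": "192.168.10.0/24", "B": "192.168.20.0/24"}

def plan(site):
    """Field values for one client site, as the answer above describes them."""
    others = sorted(net for name, net in LANS.items() if name != site)
    return {
        "cso_local": others,         # CSO "IPv4 Local Network/s"
        "cso_remote": [LANS[site]],  # CSO "IPv4 Remote Network/s"
        "client_remote": others,     # client "IPv4 Remote network(s)"
    }

def missing(site, configured):
    """Networks the plan expects in each field but `configured` lacks."""
    want = plan(site)
    gaps = {f: sorted(set(want[f]) - set(configured.get(f, []))) for f in want}
    return {f: nets for f, nets in gaps.items() if nets}

def reply_returns(client_remote, src_ip):
    """Can a site send its reply to src_ip back into the tunnel?

    Model assumption: the site always knows the tunnel network itself and
    otherwise only the networks in its client "IPv4 Remote network(s)".
    """
    src = ipaddress.ip_address(src_ip)
    return any(src in ipaddress.ip_network(n) for n in [TUNNEL] + client_remote)

# Constructed "before" state for Site A: only the head office LAN is routed.
SITE_A_BEFORE = {
    "cso_local": [LANS["HO"]],
    "cso_remote": [LANS["A"]],
    "client_remote": [LANS["HO"]],
}

if __name__ == "__main__":
    print("gaps on A:", missing("A", SITE_A_BEFORE))
    # A ping from Site B's firewall is sourced from its tunnel address.
    print("B firewall -> A:", reply_returns(SITE_A_BEFORE["client_remote"], "10.8.0.3"))
    # A ping from a host on Site B's LAN is sourced from the B LAN.
    print("B host -> A:", reply_returns(SITE_A_BEFORE["client_remote"], "192.168.20.50"))
    print("after fix:", reply_returns(plan("A")["client_remote"], "192.168.20.50"))
```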
      • ashima (last edited Jan 24, 2018, 4:05 PM)

        Thank you @viragomann

        "In the client config on A enter the head office and the site B LAN subnets at "IPv4 Remote network(s)""

        This is what made it work. I was trying to do so since morning.

        Regards,
        Ashima
