Site 2 site vpn question
- 
 hello, can someone please explain me how to setup a bidirectional ovpn-tunnel 
 between two pfsense walls?I have office1 running pfsense and office2 running it, 
 do i have to configure only one tunnel from office1
 to office2 (office1=client, office2=server) to get
 it work in both directions or do i have to setup
 client and server vpn on both sites?Is there some documentation for site 2 site OpenVPN? many thanks 
- 
 http://doc.pfsense.org/index.php/Setting_up_OpenVPN_with_pfSense 
- 
 well, i read that, but it doesn't seem to focus on site 2 site. I don't want bridging. 
 Please -v
- 
 ok, i read it 10 times now, i really don't see something about site to site 
 in there.Can somebody please tell me in some short words what i have 
 to do to configure a tunnel that works in both directions?I have created a tunnel as described in the doc, and i entered 
 the remote network for site 2 site vpn, but i can only connect
 from office1(ovpn configured as client) to office2(ovpn configured
 as server)…
- 
 if you have pfSense on both ends, I'd recommend setting up IPSec. It is amazingly easy and quick to setup. There is plenty of documentation on the site regarding a site to site (router to router) IPSec VPN. I currently use pfSense between my house, my friends house and our colocation center with an IPSec VPN flawlessly (aside from some virtual ip issues.(http://forum.pfsense.org/index.php/topic,2361.0.html)). 
 Good luck
- 
 OpenVPN IPsecs are nothing more than a tun/tap (in this case, tun) interface linking both endpoints together. All OpenVPN does is to create the tunnel and then (optionally) set routes to emulate a local network. Therefore, OpenVPN is essentially site-to-site friendly. If you can't access from A to B, you are not filling the "Remote network" fields correctly. Check your config. 
- 
 I run a point to point OpenVPN between two pfsense boxes, what do you need to know? :) 
- 
 the site 2 site is very simple to set up (with the pdf document)…. but is it also possible to connect 3 pfsense client machines to one openvpnserver-pfsensemachine and routed the networks behind the 3 pfsense machines......(i don't want to open to much external (firewall) ports PC1 PC2 
 | |
 NETWORK1 NETWORK2 NETWORK3
 | | |
 OPENVPNCLIENT1 OPENVPNCLIENT2 OPENVPNCLIENT3
 | | |
 PFSENSE1 PFSENSE2 PFSENSE3
 | | |
 ---------------------------------------------------------------------
 |
 OPENVPNSERVER
 PFSENSE4
 |
 PC3So that PC2 can ping PC1 and PC3 and PC3 can ping PC2 and PC1 and PC1 can ping PC2 and PC3