pfSense 2.0 site-to-site with multiple clients [SOLVED]
-
I have a partially working site-to-site.
Global Settings:
p2p Shared Key
UDP
tun
compression

Server:
Tunnel Network: 10.0.8.0/24
Local Network: 10.1.1.0/24
Remote Network: 192.168.1.0/24
pfsense LAN IP: 10.1.1.1

Client1
Tunnel Network: 10.0.8.0/24
Remote Network: 10.1.1.0/24
pfsense LAN IP: 192.168.1.1

This is working as is - but I want to add another client.

Client2
Tunnel Network: 10.0.8.0/24
Remote Network: 10.1.1.0/24
pfsense LAN IP: 192.168.2.1

Adding the client2 breaks the system.
Problem 1: Both clients get the same virtual IP in each respective status page (10.0.8.2)
Problem 2: Server only sees 1 client
Problem 3: Everything works between Server and Client1 when Client2 is down and everything works between Server and Client2 when Client1 is down.

I'm guessing I have to assign static IPs to each client with:
```
ifconfig 10.8.0.X 255.255.255.0
```
and add the next route on each client:
```
route 192.168.2.0 255.255.255.0
```
What am I missing?
-
The solution to this problem is to have multiple site-to-site VPNs. You can have a site-to-site between two nodes, but adding clients will cause issues. For inter-connectivity 2 VPN servers and 3 clients are required. This makes a mesh network.
Below is a diagram that outlines the solution. Adding a fourth client to the equation makes this even more complicated if inter-connectivity is required.

If anyone would like to comment on this solution please do so!
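An OpenVPN shared-key tunnel is point-to-point, so each server instance pairs with exactly one client, which is why two clients on one instance both show 10.0.8.2. The following plan checker is an added example, not part of the original posts; the second tunnel network 10.0.9.0/24, the UDP ports and all function names are constructed for illustration.

```python
import ipaddress
from itertools import combinations

# LAN subnets as given in the thread.
LANS = {"server": "10.1.1.0/24", "client1": "192.168.1.0/24", "client2": "192.168.2.0/24"}

# Layout from the question: one shared-key instance with two clients.
# Tuple fields: (server site, client sites, tunnel network, UDP port).
BROKEN = [("server", ["client1", "client2"], "10.0.8.0/24", 1194)]

# One instance per client; 10.0.9.0/24 and both ports are constructed values.
FIXED = [
    ("server", ["client1"], "10.0.8.0/24", 1194),
    ("server", ["client2"], "10.0.9.0/24", 1195),
]

def check_plan(lans, tunnels):
    """Return a list of problems; empty means every tunnel is a valid p2p pair."""
    problems = []
    lan_nets = {site: ipaddress.ip_network(net) for site, net in lans.items()}
    for server, clients, net, port in tunnels:
        tnet = ipaddress.ip_network(net)
        # Shared-key mode has no per-client addressing: one client per instance.
        if len(clients) != 1:
            problems.append(f"{net}: {len(clients)} clients on one shared-key instance")
        # A tunnel network that overlaps a LAN makes routing ambiguous.
        for site, lan in lan_nets.items():
            if tnet.overlaps(lan):
                problems.append(f"{net}: overlaps LAN of {site}")
    for a, b in combinations(tunnels, 2):
        if ipaddress.ip_network(a[2]).overlaps(ipaddress.ip_network(b[2])):
            problems.append(f"{a[2]} and {b[2]}: tunnel networks overlap")
        if a[0] == b[0] and a[3] == b[3]:
            problems.append(f"{a[0]}: port {a[3]} used by two instances")
    return problems

def unlinked_pairs(lans, tunnels):
    """Site pairs with no direct tunnel (they need a further tunnel or a routed hop)."""
    linked = {frozenset((srv, c)) for srv, clients, _, _ in tunnels for c in clients}
    return [tuple(sorted(p)) for p in combinations(sorted(lans), 2)
            if frozenset(p) not in linked]

if __name__ == "__main__":
    for name, plan in (("question", BROKEN), ("one instance per client", FIXED)):
        print(name, check_plan(LANS, plan), unlinked_pairs(LANS, plan))
```
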