Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Site to Site and Road warrior combined?

    Scheduled Pinned Locked Moved OpenVPN
    7 Posts 3 Posters 3.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kryptos
      last edited by

      Hi all,

      This a question from a new guy like me so bear with me. Currently I have setup openvpn for road warriors where users can connect to my main pfsense server and this is working great now recently we been opening a new branch and I am have already pfsense 2 on it and I am planning to to setup site to site vpn connection between this two servers. Is it possible to have this both site to site and  road warrior setup combined? I want to achieve to make our main server capable of handling both road warrior users and at the same time our branch office pfsense server could connect to it as site to site client.

      Hope someone here could advise me what to do.

      Thanks,
      Rocel

      1 Reply Last reply Reply Quote 0
      • H
        heper
        last edited by

        what you want to do is no problem and should be fairly easy to setup.
        you will need a different tunnel subnet then your roadwarriors and easiest would be that the remote location lan has a different subnet then the local lan subnet. (this to avoid routing issues)

        other then that you just have to pick the method you'd like to provide encryption (shared key being the easiest)

        1 Reply Last reply Reply Quote 0
        • K
          kryptos
          last edited by

          I have found a howto that answer my inquiry. From this site –-> http://blog.stefcho.eu/?p=576

          Thanks though for the response.

          Regards,
          Rocel

          1 Reply Last reply Reply Quote 0
          • N
            Nachtfalke
            last edited by

            the difference on pfsense 2 between OpenVPN RoadWarrior and Site-to-Site is just the options in the GUI.
            For a site-to-site connection you do not use Username/password so this option isn't available when selecting sito-to-site.

            But the OpenVPN server is working the same - no matter if you selected site-to-site or RoadWarrior.

            If you already found your answer - that's nice to hear and you can forget about my post :)

            1 Reply Last reply Reply Quote 0
            • K
              kryptos
              last edited by

              Thanks for the pointers.. I now going to test more with Openvpn with Pfsense and it was getting easier to setup unlike before.

              Just another question I have some dilemma with hostname not resolving  from remote connection from our main network where the vpn server resides. Though this can be accomplished with dns forwarder but I don't want to do this manually everytime I have a new hostname to resolve. I would like to resolve hostnames for my remote vpn users automatically. Please if you have any idea what will I do it would be a great help to me.

              Regards,
              Rocel

              1 Reply Last reply Reply Quote 0
              • N
                Nachtfalke
                last edited by

                Try to use any pfsense LAN interface as DNS.
                I am not sure how fast the names get resolved - this is something I am really not sure about the OpenVPN/DNS configuration.

                1 Reply Last reply Reply Quote 0
                • K
                  kryptos
                  last edited by

                  Tried that it though I didn't wait that long enough. I ll just tried again if that works. Thanks

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.