Pfsense 2.0 site-to-site with multiple clients[SOLVED]

tommyboy180

I have a partial working site-to-site.

Global Settings:
     p2p Shared Key
     UDP
     tun
     compression

Server:
     Tunnel Network: 10.0.8.0/24
     Local Network: 10.1.1.0/24
     Remote Network: 192.168.1.0/24
     pfsense LAN IP: 10.1.1.1

Client1
     Tunnel Network: 10.0.8.0/24
     Remote Network: 10.1.1.0/24
     pfsense LAN IP: 192.168.1.1

This is working As is - But I want to add another client

---

Client2
     Tunnel Network: 10.0.8.0/24
     Remote Network: 10.1.1.0/24
     pfsense LAN IP: 192.168.2.1

Adding the client2 breaks the system.
Problem 1: Both clients get the same virtual IP in each respective status page (10.0.8.2)
Problem 2: Server only sees 1 client
Problem 3: Everything works between Server and Client1 when Client2 is down and everything works between Server and Client2 when Client1 is down.

I'm guessing I have to assign static IPs to each client with:ifconfig 10.8.0.X 255.255.255.0and add the next route on each client:```
route 192.168.2.0 255.255.255.0

What am I missing?

tommyboy180

The solution to this problem is to have multiple site-to-site VPNs. You can have a site-to-site between two nodes, but adding clients will cause issues. For inter-connectivity 2 VPN servers and 3 clients are required. This makes a mesh network.
Below is a diagram that outlines the solution. Adding a fourth client to the equation makes this even more complicated if inter-connectivity is required.

If anyone would like to comment on this solution please do so!