Netgate Discussion Forum

    Inter Site Communication Between two VPN Clients Site

      ashima LAYER 8

      Hello everyone,

      My scenario:

      pfSense working as OpenVPN server at head office

      Site A, Site B are connecting to OpenVPN server at head office through OpenVPN tunnel

      Communication happening between Site A and head office and vice versa
      Similarly between Site B and head office.

      I would like to access Server at Site A from Server at Site B. (Inter Site Communication)

      Unfortunately option Inter Client communication is not available for OpenVPN server (Site 2 Site)

      I tried putting Site A LAN subnet in CSO of Site B local network in OpenVPN server. This pushed the route to Site B. I was able to ping server at Site A from the firewall but not from any other device from Site B.

      What am I missing? Any help?

      Regards,
      Ashima

        viragomann

        You need a CSO for both sites. Consider that CSO only works with TLS auth and client certificates, and that the common name in the CSO must match the one in the cert.

        In the CSO for A, enter the head office and the site B LAN subnets at "IPv4 Local Network/s" and the site A LAN at "IPv4 Remote Network/s".
        In the client config on A, enter the head office and the site B LAN subnets at "IPv4 Remote network(s)".

        Configure the CSO and client for B accordingly.

        Also configure the firewall rules on each node to permit the access.

        Consider also that the operating system's firewall on the destination device may block access from the other sites.

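The field values described in the answer above, worked through for a constructed addressing plan. This is an added example, not part of the original thread: the subnets, the common names `siteA`/`siteB` and the function names `plan` and `cso_directives` are assumptions. It generalizes the rule to any number of sites, rejects overlapping LANs, and prints the OpenVPN directives each CSO corresponds to (`iroute` for the CSO remote network, pushed routes for the CSO local networks).

```python
import ipaddress
from itertools import combinations

# Constructed addressing: the thread gives no subnets. Keys are the client
# certificate common names, which each CSO must match.
HEAD_OFFICE_LAN = "10.0.0.0/24"
SITE_LANS = {"siteA": "10.1.0.0/24", "siteB": "10.2.0.0/24"}


def plan(head_office_lan, site_lans):
    """Return, per site, the values for the GUI fields named in the answer."""
    nets = {"head-office": ipaddress.ip_network(head_office_lan)}
    nets.update({cn: ipaddress.ip_network(lan) for cn, lan in site_lans.items()})
    # Overlapping LANs cannot be routed unambiguously across the tunnels.
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.overlaps(nb):
            raise ValueError(f"{a} ({na}) overlaps {b} ({nb})")
    result = {}
    for cn in site_lans:
        others = [str(n) for name, n in nets.items() if name != cn]
        result[cn] = {
            "cso_local_networks": others,            # head office + other sites
            "cso_remote_networks": [str(nets[cn])],  # this site's own LAN
            "client_remote_networks": others,        # entered on the site's client
        }
    return result


def cso_directives(entry):
    """OpenVPN directives equivalent to one CSO entry."""
    def fmt(cidr):
        net = ipaddress.ip_network(cidr)
        return f"{net.network_address} {net.netmask}"
    lines = [f"iroute {fmt(n)}" for n in entry["cso_remote_networks"]]
    lines += [f'push "route {fmt(n)}"' for n in entry["cso_local_networks"]]
    return lines


if __name__ == "__main__":
    for cn, entry in plan(HEAD_OFFICE_LAN, SITE_LANS).items():
        print(cn, entry)
        print("\n".join(cso_directives(entry)))
```

With only one CSO in place, as in the original attempt, one site receives a route but the server has no `iroute` telling it which client owns the other site's LAN, so traffic from LAN hosts has no return path.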
          ashima LAYER 8

          Thank you @viragomann

          "In the client config on A enter the head office and the site B LAN subnets at "IPv4 Remote network(s)""

          This is what made it work. I was trying to do so since morning.

          Regards,
          Ashima

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.