Netgate Discussion Forum

    OpenVPN - Site to Site VPN behind existing Firewall

    14 Posts 3 Posters 1.6k Views
      billsecond

      I tried that but the tutorials that I have all followed didn’t allow this. Also I want to make sure that the client device has its own subnet and that I can use it to access any of the devices from Corp to the client and vice versa. Do you have a suggested tutorial?

        chpalmer

        I did use a tutorial at the time but I forget which one.. It's pretty standard nowadays because I've done it before.

        Let me look around a bit. :)

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

          billsecond @chpalmer

          @chpalmer thanks a million.

            chpalmer

            This guy is pretty easy to follow and listen to..

            https://www.youtube.com/watch?v=7rQ-Tgt3L18

            I know Netgate did do a how-to but I haven't found it yet.

              billsecond

              Thanks. I’ll try it again.

                billsecond @chpalmer

                @chpalmer I tried that and it does work; however, I would like the little traveling router to have and register the whole subnet that we would give to that device, for example a /24.

                  chpalmer

                  Can the little router be set up with the files from the export program?

                  Otherwise I'd set the little routers up each with their own "site to site" config.

                  https://www.youtube.com/watch?v=-8xt7LUtYH4

                  I've got a couple dozen of these around my region.

                    billsecond @chpalmer

                    @chpalmer Yes, I can download the profile to that router, but with site to site, remember one is behind a firewall such as at the coffee shop. Will this work? Thanks a lot for your help!!

                      chpalmer

                      Yes it will work because of the client server relationship. The client goes out on the internet to look for the server. So only one side has to be visible to those seeking it.

                      I know of at least two of my customer sites that are behind another router full time. And my vehicle router is on Verizon. I'm behind carrier grade NAT whenever I switch it on.

                      The only reason it will not work is if the wifi you try to use blocks the specific port you are trying to use. Many will use something like port 80 to get by this. Like I said though.. I've never been blocked using port 1198 on my road warrior setup.

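The arrangement discussed in the posts above (a client behind NAT dialing out to one reachable server, with the client's own /24 routed over the tunnel), written as plain OpenVPN directives. This is an added example, not configuration from any poster or from Netgate; the hostname, subnets, file paths and certificate name are constructed, and only port 1198 is taken from the thread.

```conf
# ===== server.conf : the publicly reachable site (constructed values) =====
port 1198                            # port mentioned in the thread
proto udp
dev tun
topology subnet
server 10.8.0.0 255.255.255.0        # tunnel network (assumed)
keepalive 10 60                      # pushed to clients; periodic pings keep
                                     # the NAT mapping at the client side alive
client-config-dir /etc/openvpn/ccd   # per-client files, matched by cert CN
route 192.168.50.0 255.255.255.0     # kernel route: travel-router LAN -> tunnel
push "route 10.0.0.0 255.255.255.0"  # corp LAN (assumed) announced to clients
ca   ca.crt
cert server.crt
key  server.key
dh   none                            # ECDH only (OpenVPN 2.4+)

# ===== /etc/openvpn/ccd/travel-router-1 : file name = client cert CN =====
# iroute tells OpenVPN which connected client owns the subnet. Because the
# file is selected by certificate CN, only that certificate can claim the /24.
iroute 192.168.50.0 255.255.255.0

# ===== client.conf : the travel router behind someone else's NAT =====
client
dev tun
proto udp
remote vpn.example.com 1198          # outbound only; no port forward needed
nobind                               # let the OS pick the source port
resolv-retry infinite                # keep retrying when the uplink changes
remote-cert-tls server               # refuse peers without a server certificate
ca   ca.crt
cert travel-router-1.crt
key  travel-router-1.key
```

Hosts on the corp LAN also need a route to 192.168.50.0/24 via the VPN server, and the firewall rules on both tunnel ends decide which of those addresses may actually talk to each other.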
                        chpalmer

                        Some links.

                        https://forum.netgate.com/category/34/openvpn

                        https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/index.html

                          billsecond

                          I was having problems with the last video because it was requiring me to upload a config file, however now, I installed OpenWRT on it, and I think there has to be a way now to configure the device manually. I am really looking into this now.
