In one VPN out another
-
Hey guys, I have my house and my parents' house connected with a site-to-site VPN. I also have a road warrior setup for each place so I can VPN in on my phone. Is there a way to make it so I can just VPN into my pfSense but be able to access my FreeNAS server on their network and other things on their network? How I do it now is disconnect, then VPN into their place separately.
Any help would be appreciated, it's above my networking knowledge.
-
You have to configure the OpenVPN routing:
Assuming all OpenVPN devices are pfSense, on your parents' box in the site2site settings add your access server's tunnel network to the "Remote Network/s". This sets the route to the access server's client. And in your access server settings you have to add your parents' LAN networks to "Local Network/s". This pushes the route for those networks to the client.
Also ensure that the access is permitted by the firewall rules.
-
Thanks man..
On my home network, my LAN is 192.168.10.0 as well as 20.0, 30.0, etc. My parents' LAN is 192.168.1.0 and the tunnel network for the site to site is 192.168.90.0. I am handing out 10.0.8.0 to the road warrior VPN. Can you just confirm which network goes where?
thanks again for your response, really appreciate it.
-
You just have to add
- on your parents' box in the site2site settings, option "Remote Network/s": 10.0.8.0/24 (comma separated from the other entries)
- in the road warrior settings, option "Local Network/s": 192.168.1.0/24 (as well, comma separated from the other entries)
Assuming all networks are /24, since you omitted the mask.
-
thanks man, yes they are all /24.. will give that a shot..
-
Are these under VPN>OpenVPN>Servers on my box for the Local Networks? I couldn't see it. I am trying to do this on my phone, which isn't ideal. Also, I assigned 10.0.8.0 to each of our road warrior setups a long time ago when I set this up, so they will conflict. I am trying to do this without disconnecting myself as I can't really go over there as they are trying to self-isolate.
Right now my house has 2 servers, the road warrior and the site to site. My parents house has a Roadwarrior server and a site to site client.
Will i also have to use the client export utility for the updated settings?
-
@xman111 said in In one VPN out another:
Are these under VPN>OpenVPN>Servers on my box for the Local Networks?
I don't know your concrete setup.
I guess you have two instances on your box: the road warrior server and a second server or maybe a client for the site2site. Both settings I mentioned are available in all settings, except on an access server when "Redirect gateway" is checked.
@xman111 said in In one VPN out another:
Also, I assigned both 10.0.8.0 to each of our road warrior setups a long time ago when I set this up, so they will conflict.
So change the tunnel setting on the parents' site first.
@xman111 said in In one VPN out another:
I am trying to do this without disconnecting myself as I can't really go over there as they are trying to self-isolate.
The OpenVPN instance restarts after a settings change, but should reconnect afterwards if you don't do something wrong.
@xman111 said in In one VPN out another:
Will I also have to use the client export utility for the updated settings?
No.
-
viragomann,
That worked perfectly. Now I can connect to my house with the road warrior and access my pfSense admin, their pfSense admin, my Unraid server and my FreeNAS server at their house. Thanks so much for that, love it.
One last question though. I had to uncheck the redirect gateway box to get the settings correct. I had just set up the redirect gateway last week. What I want to do, when I am at work connected to their public wifi, is connect to my home VPN and have all my internet traffic on my phone go out my home internet WAN instead of my work internet. Is that possible?
thanks again!
-
Yes, you may delete the "Local Network/s" and check "Redirect gateway" instead.
Redirect gateway routes the whole traffic over the VPN, while if it's unchecked, only traffic for the networks stated in "Local Network/s" is routed over the VPN.
So you may check it in the road warrior settings, it will work likewise.
-
Will have to look into that. I changed the settings the reverse way too. Now I can VPN into my parents' and access all my home network stuff. Thanks so much for your time today, that has been bugging me for a while!! Have a great day!
-
I was on my home computer trying to access my parents' router and FreeNAS and couldn't get through. Would anything we changed in the OpenVPN settings affect my home peer-to-peer network routing to their network?
-
Think I fixed it. Had to go into my parents' site-to-site client config and add 192.168.20.0/24, which is my wireless VLAN at home. I must have deleted that when following the instructions.
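
The routing worked out in this thread, as an added example that is not part of any post: a small Python model that walks the request and the reply between a source behind the home pfSense and a host on the parents' LAN, and names the setting that is missing. The dictionary layout, the host addresses and the 10.0.9.0/24 replacement tunnel network are assumptions; the other networks are the ones given in the posts, and the deleted 192.168.20.0/24 entry is modelled as a "Remote Network/s" entry.

```python
from copy import deepcopy
from ipaddress import ip_address, ip_network

# Networks as given in the thread. Host addresses and the parents' new road
# warrior tunnel (10.0.9.0/24) are constructed for this example.
HOME = {
    "rw_local": ["192.168.10.0/24", "192.168.1.0/24"],  # pushed to the phone
    "s2s_remote": ["192.168.1.0/24"],                   # routed into the site-to-site tunnel
}
PARENTS = {
    "attached": ["192.168.1.0/24", "10.0.9.0/24"],      # LAN + own road warrior tunnel
    "s2s_remote": ["192.168.10.0/24", "192.168.20.0/24",
                   "192.168.30.0/24", "10.0.8.0/24"],
}

def covers(networks, addr):
    """True if addr falls inside any of the listed networks."""
    return any(ip_address(addr) in ip_network(n) for n in networks)

def check_path(home, parents, src, dst, via_road_warrior):
    """Walk request and reply for src -> home pfSense -> parents' LAN host dst."""
    if via_road_warrior and not covers(home["rw_local"], dst):
        return "no pushed route on the phone (home road warrior 'Local Network/s')"
    if not covers(home["s2s_remote"], dst):
        return "home box has no site-to-site route to the destination"
    if covers(parents["attached"], src):
        return "parents box sees the source as one of its own networks (overlap)"
    if not covers(parents["s2s_remote"], src):
        return "no return route on the parents box (site-to-site 'Remote Network/s')"
    return "ok"

def scenarios():
    phone, wifi_pc, freenas = "10.0.8.2", "192.168.20.50", "192.168.1.10"
    before = deepcopy(PARENTS)
    before["s2s_remote"].remove("10.0.8.0/24")       # road warrior net not yet added
    clash = deepcopy(PARENTS)
    clash["attached"][1] = "10.0.8.0/24"             # both sites use the same tunnel net
    lost = deepcopy(PARENTS)
    lost["s2s_remote"].remove("192.168.20.0/24")     # wireless VLAN entry deleted
    return {
        "configured": check_path(HOME, PARENTS, phone, freenas, True),
        "before_change": check_path(HOME, before, phone, freenas, True),
        "same_tunnel_net": check_path(HOME, clash, phone, freenas, True),
        "vlan_entry_deleted": check_path(HOME, lost, wifi_pc, freenas, False),
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```

The model covers routing only; the firewall rules on the OpenVPN interfaces still have to permit the traffic.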
-
@xman111 I believe what you are referring to is split tunneling. This is a feature that most VPNs do not offer, but I believe PureVPN does. There's a 7 day free trial on it for $0.99 if you wanna try.