Netgate Discussion Forum
    Open VPN Site to Site and Remote Clients Combination

      melodyst

      Hello folks,

      New to the world of pfSense and would like someone to shed some light on the topic.

      Main office:
      192.168.80.0/24

      Remote Office:
      LAN 1: 192.168.10.0/24
      LAN 2: 192.168.20.0/24
      LAN 3: 192.168.30.0/24

      A site-to-site connection with OpenVPN has been established. The server runs at the main office using 192.168.100.0/24 as the tunnel network, and all LANs from the main and remote offices are accessible from any location.

      In the main office a server for Remote Access (SSL/TLS) has also been configured, using the tunnel network 192.168.110.0/24, and all the local networks from the two locations have been added to the IPv4 Local network(s) field.
      Connection has been tested from remote mobile and windows clients and it works fine.

      The only drawback is that the remote clients can access only the resources available in the main office. They cannot ping anything in the remote office.
      How can we make all the resources from both the main and remote office available to remote clients?
      If a step by step guide exists or a video tutorial showcasing this it would help a lot.

      Many thanks in advance guys

        bingo600 @melodyst

        @melodyst

        Sounds a bit like a routing issue.

        Did you remember to include the "Dialin Client ip ranges" in the OpenVPN L2L Server's "Local network", and the OpenVPN Client L2L "remote networks"?

        Does the "Dialin Client" have its default gateway via the "Server", or ?

        Edit:
        This might not be the way to do it on your setup.
        I'm using /30 nets for L2L connections.

        Btw: And I have no idea why people are selecting /24 for a P2P L2L link.

        /Bingo

        If you find my answer useful - Please give the post a 👍 - "thumbs up"

        pfSense+ 23.05.1 (ZFS)

        QOTOM-Q355G4 Quad Lan.
        CPU : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
        LAN : 4 x Intel 211, Disk : 240G SAMSUNG MZ7L3240HCHQ SSD

          viragomann @melodyst

          @melodyst
          All you need is to add the respective networks to the OpenVPN settings to add the routes.

          In the main office remote access settings add all your local networks (main and remote office) to "Local Networks". This pushes the routes to the clients.

          In the remote office OpenVPN settings add 192.168.110.0/24 (access server tunnel network) to the "Remote Networks". This sets the route on the remote site to direct responses to the access server clients' requests back to the main office.

            melodyst @bingo600

            @bingo600 said in Open VPN Site to Site and Remote Clients Combination:

            Dialin Client ip ranges
            @viragomann

            Thanks a lot for your advice, guys. The dial-in tunnel was not added to the Site 2 Site remote networks list, therefore it could not be routed.

            Thanks again
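
The missing return route resolved in this thread, modelled as an added example (not code from any poster or from pfSense): each node's routing table is walked hop by hop, first toward the remote LAN and then back toward the remote-access client. The node names, the host addresses 192.168.110.2 and 192.168.10.50, and the omission of default routes are assumptions; on a real firewall the unrouted reply would follow the WAN default gateway instead of the tunnel.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match. routes: {cidr: neighbour}; 'local' = directly attached."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(c), hop) for c, hop in routes.items()
            if addr in ipaddress.ip_network(c)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def deliver(tables, node, dst, max_hops=8):
    """Walk next hops starting at node; return (delivered, last_node_reached)."""
    for _ in range(max_hops):
        hop = next_hop(tables[node], dst)
        if hop is None:
            return False, node          # this node has no route to dst
        if hop == "local":
            return True, node           # dst sits on a network attached here
        node = hop
    return False, node                  # hop limit hit: routing loop

def round_trip(tables, src_node, src_ip, dst_ip):
    """Check the request path and then the reply path."""
    ok, far = deliver(tables, src_node, dst_ip)
    if not ok:
        return f"no forward route at {far}"
    ok, stuck = deliver(tables, far, src_ip)
    return "ok" if ok else f"no return route at {stuck}"

def build_tables(remote_knows_ra_tunnel):
    """Hypothetical model of the thread's topology (default routes not modelled)."""
    remote_lans = ["192.168.10.0/24", "192.168.20.0/24", "192.168.30.0/24"]
    tables = {
        # Remote-access client: routes pushed from "Local Networks" on the RA server
        "ra_client": {"192.168.110.0/24": "local", "192.168.80.0/24": "main",
                      **{n: "main" for n in remote_lans}},
        # Main office: LAN plus both tunnel networks attached, remote LANs via S2S
        "main": {"192.168.80.0/24": "local", "192.168.100.0/24": "local",
                 "192.168.110.0/24": "local", **{n: "remote" for n in remote_lans}},
        # Remote office: its LANs attached, main LAN via the S2S tunnel
        "remote": {"192.168.100.0/24": "local", "192.168.80.0/24": "main",
                   **{n: "local" for n in remote_lans}},
    }
    if remote_knows_ra_tunnel:  # 192.168.110.0/24 added to "Remote Networks"
        tables["remote"]["192.168.110.0/24"] = "main"
    return tables

CLIENT_IP, REMOTE_HOST = "192.168.110.2", "192.168.10.50"  # constructed addresses
if __name__ == "__main__":
    for fixed in (False, True):
        print(fixed, round_trip(build_tables(fixed), "ra_client", CLIENT_IP, REMOTE_HOST))
```

The request reaches the remote LAN in both cases; only the reply fails before the change, which is why the symptom appears as a one-sided ping failure.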
