OpenVPN in a gateway group
-
Hi.
I have two sites connected together using a MPLS connection.
I setted up the static routes which lets site1 to communicate to site2 using the MPLS connection:Site 1 - System - Static routes:
Network 192.168.120.0/24
Gateway GWMPLS - 192.168.140.1
Interface MPLSSite 2 - System - Static routes:
Network 192.168.130.0/24
Gateway GWMPLS - 192.168.140.17
Interface MPLSThe connection between two sites works except when the MPLS connection is down, of course.
Both sites can connect to Internet using each own WAN connection, so I setted up an OpenVPN Peer to Peer connection between two sites, without specifying any IPv4 remote network as static routes are already setted up through the MPLS network.
Now I wish to use the OpenVPN connection as failover to the MPLS one, so I was thinking to solve the problem setting up a new gateway group with the MPLS gateway as tier 1 and the OpenVPN gateway as tier 2.
But when I try to create a new gateway (System - Gateways) pfSense tells me that the specified gateway does not belong to any available subnet.
How can I solve this problem?
Could you help me please?
Thank you very much, bye!
-
you can assign an interface to openvpn. pfsense then automagically creates a gateway for it
-
you can assign an interface to openvpn. pfsense then automagically creates a gateway for it
Thank you very much, it worked.
But now I have a problem with the firewall rules on that interface.
I setted it up but I realized that rules on the OpenVPN "default" interface in firewall - rules are priority than rules setted in the newly created interface, even if in the firewall logs I see that blocked packets are coming from the newly created interface.Could you help me please?
-
remove all the rules on the openvpn tab / only put rules in the openvpn-interface tab
-
remove all the rules on the openvpn tab / only put rules in the openvpn-interface tab
Thank you very much!
It works!
Bye!