Feasibility: OpenVPN SSL/TLS site-to-site with multi-WAN and OSPF.

  • Hi guys, I'm currently trying to implement a solution for a site-to-site OpenVPN, with multi-WAN on the client side.

    So one central server as hub, and multiple clients (many with 2 WANs).

    There's a setup for this in the pfSense ebook:

    What I'm asking is whether it's possible to achieve this (cf. picture above) with more than one client and with SSL/TLS instead of shared key. (If SSL is not possible, then it doesn't matter.)


  • Rebel Alliance Developer Netgate

    It can work in SSL/TLS mode but it has to use tap, not tun. It won't work in net30 or subnet topology last I tried it.

    The rest of the setup can be similar, just use tap mode with a /24 tunnel network and ignore the bridging parts.