Netgate Discussion Forum

    pfSense as OpenVPN server and another pfSense as client, intersite routing how?

    • magloman

      I have two pfSense routers. One is behind a SOHO router which is not controlled by me.
      I have managed to get the router2 behind the SOHO router to connect to the main router at the main office using some guides about connecting to "VPN-server-service".

      The PCs behind router2 can ping PCs on the main network, but how do I set up the two routers so PCs at the main office can ping/connect to PCs at the branch office while the tunnel is up? I understand that if the tunnel is down, it's not possible.

      I think I will have to disable NAT in router2 and set up some routing? But how, and how to do it in the main router?

      I attach a picture of the network.

      • viragomann

        If you are able to access from one to the other site it should also work in the other direction.

        Check if the access is permitted by the firewall rules of the LAN interface on the main office pfSense and on the OpenVPN interface of the branch office router.

        Also consider that the PCs' firewalls can block the access.

        • magloman

          Hi

          Thanks for your answer, but I'm not sure you understand how it is done.

          Since Router2 is behind some router and doesn't have a public IP, I cannot use a traditional LAN-to-LAN tunnel. I had Router2 set up as a client for OpenVPN, like a regular PC would be.

          There is an extra interface set up in Router2 that acts as the "dial-up" interface for the VPN, and the rules there were any any.

          I'm pretty sure this is something about NAT and routing setup. Not sure how to set that up :-(

          • viragomann

            There's no need for a public IP on the VPN client. It just has to be able to reach the server on its set protocol + IP + port.

            The routing is set by OpenVPN and depends on your setup. There is no NAT needed to get access from LAN to remote LAN.

            Please post your VPN settings of both sites.

            • magloman

              Hi,

              I solved it!

              I had made it more complicated than it should have been! :D

              I followed the documentation and set up another server on another port. A peer-to-peer server; then you could specify the "client" network, and then the routing got solved by itself.

              It works flawlessly now :-) I just love pfSense more every day :P

              Thanks for your concern and fast answers! :-)

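The fix described in the last post, as an added example that is not part of the original thread: a small check of whether an OpenVPN server configuration has what it needs to send main-office traffic towards the branch LAN. All subnets and config text are constructed, and it assumes the "client network" set in pfSense ends up as a `route` directive in the server's OpenVPN configuration; a multi-client server additionally needs an `iroute` in the client-specific override.

```python
import ipaddress

def parse(conf):
    """Extract the routing-relevant directives from OpenVPN config text."""
    out = {"multi_client": False, "route": [], "iroute": []}
    for raw in conf.splitlines():
        tok = raw.split("#", 1)[0].split()
        if not tok:
            continue
        if tok[0] == "server" or tok[:2] == ["mode", "server"]:
            out["multi_client"] = True      # remote-access style server
        elif tok[0] in ("route", "iroute") and len(tok) >= 2:
            mask = tok[2] if len(tok) > 2 else "255.255.255.255"
            try:
                out[tok[0]].append(ipaddress.ip_network(f"{tok[1]}/{mask}"))
            except ValueError:
                continue                    # keyword targets such as vpn_gateway
    return out

def missing_return_path(server_conf, client_override, branch_lan):
    """Return the directives still missing for server-side hosts to reach branch_lan."""
    lan = ipaddress.ip_network(branch_lan)
    srv, ccd = parse(server_conf), parse(client_override)
    missing = []
    # Without a 'route', the server's kernel never sends branch traffic into the tunnel.
    if not any(lan.subnet_of(r) for r in srv["route"]):
        missing.append("route")
    # A multi-client server must also know which client owns the subnet ('iroute').
    if srv["multi_client"] and not any(lan.subnet_of(r) for r in ccd["iroute"]):
        missing.append("iroute")
    return missing

# Constructed sample configurations (not taken from the thread).
BRANCH_LAN = "192.168.2.0/24"
REMOTE_ACCESS = """
dev tun
server 10.8.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"   # clients learn the main LAN only
"""
PEER_TO_PEER = """
dev tun
ifconfig 10.9.0.1 10.9.0.2
route 192.168.2.0 255.255.255.0          # the "client network"
"""

if __name__ == "__main__":
    print("remote access:", missing_return_path(REMOTE_ACCESS, "", BRANCH_LAN))
    print("peer-to-peer: ", missing_return_path(PEER_TO_PEER, "", BRANCH_LAN))
```

Routing is only half of reachability: the firewall rules on the LAN and OpenVPN interfaces mentioned earlier in the thread still decide what is allowed through.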