Tunneling 2 VPN services via 2 routers



  • Hey everyone,

    I'm new to pfSense, and I have to say I love it so far.

    Prior to using pfSense as my internet facing router, I was tunneling one VPN-enabled DD-WRT (VPN B) router through a second VPN-enabled DD-WRT (VPN A) router to reach the internet.

    I am now trying to tunnel one VPN B-enabled DD-WRT router through my VPN A-enabled pfSense router.

    I have confirmed that my pfSense router is connecting properly to VPN A.  I am unable to get the VPN B-enabled DD-WRT router to tunnel through the pfSense router. The connection delivers the requested web pages using VPN A's exit point, but does not persist to VPN B's exit point.

    I tried opening different ports on my pfSense router, but none successfully allowed the VPN pass-through.  I don't recognize any options to allow VPN pass-through on my pfSense device. DD-WRT had a special tab for it with 3 options (IPSec, PPTP, and one other) that you could enable or disable, but it never really told you what it was doing when they were enabled.

    I do not know how to do this same thing in pfSense. My current setup is as follows:

    PC ---> Exit VPN A ---> Exit VPN B ---> Internet

    1.) My PC network card is plugged into a LAN port on my DD-WRT (VPN B) router
    2.) My DD-WRT (VPN B) router WAN port is plugged into a LAN port on my pfSense (VPN A) router
    3.) My pfSense (VPN A) router WAN port is plugged into my modem

    Any advice / help / guides on what I need to do are greatly appreciated.



  • @new2pfSense2017:

    I have confirmed that my pfSense router is connecting properly to VPN A.  I am unable to get the VPN B-enabled DD-WRT router to tunnel through the pfSense router. The connection delivers the requested web pages using VPN A's exit point, but does not persist to VPN B's exit point.

    I would note the following for future reference:

    https://doc.pfsense.org/index.php/Connectivity_Troubleshooting

    I use a VPN exit location (Germany, let's say) on pfSense. I use a separate VPN exit location (Paris) on a client on the LAN of the pfSense router. The client still shows DNS exiting from the client VPN location (Paris), not the pfSense router location (Germany). This is accomplished without the use of opening ports or "VPN pass-through."

    I would run through the connectivity troubleshooting with a client connected directly to the pfSense, leaving the second DD-WRT router out of the diagnostic test, and note your findings. Also check your NAT settings on the pfSense router. Take a screen grab of your Outbound NAT settings and post them here.

