Bi-Directional Access and 3 way (SOLVED)
-
Hi guys…new user here...1st post
I searched the forums for the answer and every situation is different. I have a 3 site setup working kinda.
Master site (server site) 192.168.1.0 (pfSense 192.168.1.1) OpenVPN Server
Remote site A 192.168.2.0 (Asus Merlin 192.168.2.1) OpenVPN client
Remote site B 192.168.3.0 (Asus Merlin 192.168.3.1) OpenVPN client
VPN net 192.168.100.0
I can access the server side from any of the remote sites. But I can't access from server side to remote side. So it looks like the routing is working on the remote sites but not server site. How do I make this happen? Looks like I have to add something on the pfSense config somewhere but I can't figure it out. After I get this working, then I would be looking to get all nets talking to each other, remote sites talking to each other. Not necessary now but in the future I would like the remote sites to talk to each other.
-
Anyone?
-
You have to set up a client specific override for each client. This only works with SSL Auth.
At "Common Name" enter the common name you've set in the client's certificate. At "IPv4 Local Network/s" enter the LAN network behind the server and the LAN behind the respective other client, in the "IPv4 Remote Network/s" box enter the LAN network behind the meant client. All networks in CIDR notation and comma-separated.
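
The routing described in the answer above, worked through for this thread's three sites as an added example (not code from any poster or from pfSense): it derives, per certificate common name, the OpenVPN `iroute` line for the LAN behind that client and the `push "route ..."` lines for the networks it should reach, plus the server-side `route` lines. The /24 masks, the common names `siteA` and `siteB`, and the function names are assumptions; the thread states none of them.

```python
import ipaddress

# Topology from the thread. The /24 masks and the certificate common names
# ("siteA", "siteB") are assumptions; the thread does not state them.
SERVER_LAN = "192.168.1.0/24"
CLIENT_LANS = {"siteA": "192.168.2.0/24", "siteB": "192.168.3.0/24"}
TUNNEL_NET = "192.168.100.0/24"


def _dotted(cidr):
    """Return 'network netmask', the form OpenVPN route/iroute lines use."""
    net = ipaddress.ip_network(cidr, strict=True)
    return f"{net.network_address} {net.netmask}"


def check_no_overlap(server_lan, client_lans, tunnel_net):
    """Overlapping subnets make the routes ambiguous; fail before emitting config."""
    nets = [ipaddress.ip_network(n)
            for n in (server_lan, tunnel_net, *client_lans.values())]
    for i, a in enumerate(nets):
        for b in nets[i + 1:]:
            if a.overlaps(b):
                raise ValueError(f"{a} overlaps {b}")


def server_routes(client_lans):
    """Server side: send every client LAN into the tunnel."""
    return [f"route {_dotted(lan)}" for lan in client_lans.values()]


def client_override(common_name, server_lan, client_lans):
    """Override for one client, selected by its certificate common name.

    iroute      = LAN behind this client        ("IPv4 Remote Network/s")
    push route  = server LAN + other client LANs ("IPv4 Local Network/s")
    """
    own = client_lans[common_name]
    reachable = [server_lan] + [lan for cn, lan in client_lans.items()
                                if cn != common_name]
    lines = [f"iroute {_dotted(own)}"]
    lines += [f'push "route {_dotted(net)}"' for net in reachable]
    return lines


if __name__ == "__main__":
    check_no_overlap(SERVER_LAN, CLIENT_LANS, TUNNEL_NET)
    print("# server:", *server_routes(CLIENT_LANS), sep="\n")
    for cn in CLIENT_LANS:
        print(f"# override for CN={cn}:",
              *client_override(cn, SERVER_LAN, CLIENT_LANS), sep="\n")
```

Because each override is selected by the common name in the client's certificate, a certificate issued with the wrong common name will not pick up the routes for its LAN.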
-
YOU ARE A LIFE SAVER!! All I did was change to peer to peer SSL/TLS, added net info into remote nets, and the client specific entries. And it worked! A to B, B to C, and A to C. 3 Way VPN! Thanks brother!!