Netgate Discussion Forum

    OpenVPN IPSEC ISOLATION

      achraf67

      Hello all,

      I have an IPSEC connection between two pfSense as below.

      LAN1 (192.168.17.0/24)----pFsense1 ----ipsec------ pFsense2--------LAN2 (10.3.4.0/20).

      I added an OpenVPN connection to my first LAN1, in the network (192.168.18.0/24).
      My topology works well; with my mobile I can reach the 10.3.4.X devices through the OpenVPN and IPSEC tunnel.

      My question is about isolating the OpenVPN client.
      For example, toto1 gets an IP address on the OpenVPN and can reach only the 10.3.4.Y devices...
      In the long term, I will have more than 300 users, and I cannot just use firewall rules... I need a scalable solution to do that.
      Moreover, the users cannot ping other users, even in the same subnet.

      So my questions:

      How to isolate OpenVPN networks? Iptables?
      How can I log the users? LDAP? VLAN?

      Thank you for your time, your reflection and your proposals.

      Sorry for my English.

      A+

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.