Netgate Discussion Forum

    VPN Site-to-site 4 sites OPENVPN

    8 Posts 1 Posters 977 Views
      rayx

      Hello, I want to set up a site-to-site VPN connection (shared key) between 4 sites with OpenVPN, and I want the 4 sites to see each other.
      At the moment, the site-to-site tunnel between the server and the other sites works correctly, but sites B, C and D cannot see each other.

      My question is, on the server side, should I add 3 VPN servers?
      Or create 1 alone and configure it in some predefined way?

      And on the client side, how do I see / configure the other sites?

      Each one has its own range:
      10.1.0.0/16 - HEADQUARTERS A - Server
      10.2.0.0/16 - HEADQUARTERS B
      10.3.0.0/16 - HEADQUARTERS C
      10.4.0.0/16 - HEADQUARTERS D

      I have configured this on the server, in the tunnel to the B site, but I do not know if I'm doing it right (since it does not work) to replicate it in the other tunnels:

      In Custom options
      push "route 10.3.0.0 255.255.0.0"; push "route 10.4.0.0 255.255.0.0"

      Thank you

        rayx

        OK, I've seen that I did not do it right: to pass the routes you have to configure Peer to Peer (SSL/TLS).
        I have configured it on the server and the client, and I can establish the VPN connection between the 2, but the networks do not communicate with each other, and I do not know why.

          rayx

          Any idea?

            rayx

            If I ping from the pfSense of (10.2.0.0/16 - HEADQUARTERS B) to a server computer (10.1.0.0/16 - HEADQUARTERS A - Server), it answers me.
            If I ping from the pfSense of (10.1.0.0/16 - HEADQUARTERS A - Server) to a computer in (10.2.0.0/16 - HEADQUARTERS B), it does not answer me.

              rayx

              VPN server configuration:
              https://imgur.com/a/WePHU

              Firewall / Rules / WAN (Server):
              https://imgur.com/a/ExQEO

              Firewall / Rules / OpenVPN (Server):
              https://imgur.com/a/ixs51

              VPN client configuration:
              https://imgur.com/a/lYw9B

              Firewall / Rules / WAN (Client):
              https://imgur.com/a/EOcY0

              Firewall / Rules / OpenVPN (Client):
              https://imgur.com/a/8kpyS

              I have nothing else configured on any pfSense, only the certificates for the VPN connection, but these work because the VPN comes up.

                rayx

                Please, any help?

                Server log OpenVPN:
                https://imgur.com/a/gVWmE

                Client log OpenVPN:
                https://imgur.com/a/Xz8dg

                  rayx

                  Any help?

                    rayx

                    Solved.
                    The common name of the client's certificate was not the same.

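An added example, not part of the thread: in Peer to Peer (SSL/TLS) server mode, OpenVPN selects a client-specific override (and the `iroute` lines in it) by exact match on the connecting certificate's common name, so a mismatch leaves the tunnel up while the server cannot reach that site's LAN, which is the symptom described in the posts above. The sketch below audits that match. The override names, certificate subjects and the use of `iroute` overrides are assumptions; only the /16 networks come from the thread.

```python
import ipaddress

# Constructed sample data. Override names and certificate subjects are
# assumptions; only the /16 networks are taken from the thread.
OVERRIDES = {  # override name (must equal the certificate CN) -> directives
    "site-b": ["iroute 10.2.0.0 255.255.0.0"],
    "site-c": ["iroute 10.3.0.0 255.255.0.0"],
    "site-d": ["iroute 10.4.0.0 255.255.0.0"],
}
CLIENT_SUBJECTS = [
    "C=ES, O=Example, CN=siteB",  # does not equal the override name "site-b"
    "C=ES, O=Example, CN=site-c",
    "C=ES, O=Example, CN=site-d",
]
SITE_NETS = ["10.2.0.0/16", "10.3.0.0/16", "10.4.0.0/16"]


def common_name(subject):
    """Return the CN from a 'C=.., O=.., CN=..' subject string, or None."""
    for part in subject.split(","):
        key, _, value = part.strip().partition("=")
        if key == "CN":
            return value
    return None


def iroute_nets(lines):
    """Parse 'iroute <network> <netmask>' lines into network objects."""
    nets = []
    for line in lines:
        fields = line.split()
        if len(fields) == 3 and fields[0] == "iroute":
            nets.append(ipaddress.ip_network(f"{fields[1]}/{fields[2]}"))
    return nets


def audit(overrides, subjects, site_nets):
    """Report CN/override mismatches and site LANs left without an iroute."""
    cns = {common_name(s) for s in subjects}
    matched = {name for name in overrides if name in cns}  # case-sensitive
    routed = [n for name in matched for n in iroute_nets(overrides[name])]
    return {
        "clients_without_override": sorted(c for c in cns if c and c not in overrides),
        "overrides_never_applied": sorted(set(overrides) - matched),
        "site_nets_without_iroute": [
            net for net in site_nets
            if not any(ipaddress.ip_network(net).subnet_of(r) for r in routed)
        ],
    }


if __name__ == "__main__":
    print(audit(OVERRIDES, CLIENT_SUBJECTS, SITE_NETS))
```

Any entry under `site_nets_without_iroute` is a LAN the server will not forward to, even though the tunnel to that site is established.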
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.