Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Advanced OpenVPN on pfSense

    Scheduled Pinned Locked Moved Russian
    1 Posts 1 Posters 409 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • werterW
      werter
      last edited by

      Просто замечательное видео для понимания работы Openvpn на pfsense. Описаны режимы работы, работа с multiwan, динамическая маршрутизация ospf (quagga).
      Упомянуты моменты, в каком случае надо явно объявлять Openvpn интерфейсом, описаны директивы port-share, reneg-sec, allow-recursive-routing.

      Лично для себя почерпнул много интересного. Крайне рекомендую для просмотра.

      https://www.youtube.com/watch?v=ku-fNfJJV7w

      P.s. Жаль только, что .pdf на этом видео доступен только по подписке  :'(

      P.p.s. Наделал скриншотов с важными (для себя) моментами. Прикладываю. Возможно, поможет многое понять в настройке\работе Openvpn на pfsense :

      ![OpenVPN device mode tap tun.png](/public/imported_attachments/1/OpenVPN device mode tap tun.png)
      ![OpenVPN device mode tap tun.png_thumb](/public/imported_attachments/1/OpenVPN device mode tap tun.png_thumb)
      ![OpenVPN tunnel networks.png](/public/imported_attachments/1/OpenVPN tunnel networks.png)
      ![OpenVPN tunnel networks.png_thumb](/public/imported_attachments/1/OpenVPN tunnel networks.png_thumb)
      ![Shared key.png](/public/imported_attachments/1/Shared key.png)
      ![Shared key.png_thumb](/public/imported_attachments/1/Shared key.png_thumb)
      ![SLL TLS in tun net30 mode.png](/public/imported_attachments/1/SLL TLS in tun net30 mode.png)
      ![SLL TLS in tun net30 mode.png_thumb](/public/imported_attachments/1/SLL TLS in tun net30 mode.png_thumb)
      ![SSL TLS subnet mode.png](/public/imported_attachments/1/SSL TLS subnet mode.png)
      ![SSL TLS subnet mode.png_thumb](/public/imported_attachments/1/SSL TLS subnet mode.png_thumb)
      ![Single server multiwan localhost.png](/public/imported_attachments/1/Single server multiwan localhost.png)
      ![Single server multiwan localhost.png_thumb](/public/imported_attachments/1/Single server multiwan localhost.png_thumb)
      ![Multipile servers multipile WANs.png](/public/imported_attachments/1/Multipile servers multipile WANs.png)
      ![Multipile servers multipile WANs.png_thumb](/public/imported_attachments/1/Multipile servers multipile WANs.png_thumb)
      ![Client specific overrides.png](/public/imported_attachments/1/Client specific overrides.png)
      ![Client specific overrides.png_thumb](/public/imported_attachments/1/Client specific overrides.png_thumb)
      ![Servers as clients.png](/public/imported_attachments/1/Servers as clients.png)
      ![Servers as clients.png_thumb](/public/imported_attachments/1/Servers as clients.png_thumb)
      ![Share LAN subnet tun.png](/public/imported_attachments/1/Share LAN subnet tun.png)
      ![Share LAN subnet tun.png_thumb](/public/imported_attachments/1/Share LAN subnet tun.png_thumb)
      ![RA tap bridge vpn.png](/public/imported_attachments/1/RA tap bridge vpn.png)
      ![RA tap bridge vpn.png_thumb](/public/imported_attachments/1/RA tap bridge vpn.png_thumb)
      ![Random tips port-share recursive-routing reneg-sec.png](/public/imported_attachments/1/Random tips port-share recursive-routing reneg-sec.png)
      ![Random tips port-share recursive-routing reneg-sec.png_thumb](/public/imported_attachments/1/Random tips port-share recursive-routing reneg-sec.png_thumb)
      [Assign OpenVPN interfaces явно.zip](/public/imported_attachments/1/Assign OpenVPN interfaces явно.zip)
      [OSPF dynamic routed openvpn.zip](/public/imported_attachments/1/OSPF dynamic routed openvpn.zip)

      1 Reply Last reply Reply Quote 1
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.