4. OpenVPN Site-to-Site as default for one Subnet-Interface

OpenVPN Site-to-Site as default for one Subnet-Interface

  • Y

    Hello,

    i have 2 pfsense wich are connected via a Site-to-site Openvpn network. The connection works between both sides.

    But i want to force one local network (opt1) to use the other sides WAN to access the internet.

    So this is the wanted route for any traffic:

    PC > opt1-L > pfsense-L -------vpn------- pfsense-R > Internet

    I tried to setup a Rule for opt1-L like:
    from: Any
    to: Any
    (Advanced) force Gateway: OpenVPN-Gateway
    Set the rules on the pfsense-R side to allow all traffic from ANY to ANY on pfsense-R (VPN&Network)

    The OpenVPN-Server is pfsense-R
    The traffic from LAN must still be routed via the local WAN of pfsense-L

    Does anyone has a suggestion for this setup?

    0
  • V

    • "OpenVPN-GW" is handled as a gateway group including all OpenVPN instances (servers and clients) on pfSesne. So if you running multiple OpenVPN instances on L assign an interface to the concerned one and use the gateway of it for policy routing.
    • On pfSense R add an outbound NAT rule to the WAN interface for the source network opt1, translating source addresses to the WAN address.
    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy