Multiple VPNs talking to each other
Sorry, I've searched a bit, and I'm still not sure what to do. I'm not quite understanding iroute vs. route / push route and where the options need to go (server side, client side?).
Main office A 10.1.1.0/24
Remote office B 10.1.2.0/24
Remote office C 10.1.3.0/24
I have 3 instances of OpenVPN servers running at Main Office A:
Site to Site for B
Site to Site for C
Remote Access for Road Warriors
All 3 are working:
A & B can talk to each other.
A & C can talk to each other.
Road warriors can talk to A
What I would like is:
1.) for B&C to be able to talk to each other.
2.) for the road warriors to be able to also talk to B&C while connected to A.
What's the best way to tackle this?
In pfSense you can configure this on the GUI. There is no need to enter a route or iroute command.
In the client config of site B the "IPv4 Remote network/s" box should look like this:
10.1.1.0/24,10.1.3.0/24,<Access server tunnel network>
On site C:
10.1.1.0/24,10.1.2.0/24,<Access server tunnel network>
Replace <Access server tunnel network> with your road warriors' tunnel network.
And in the Access server modify the "IPv4 Local network/s":
Ensure that you have firewall rules in place on all nodes that permit the access you need.
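The remote-network lists described in the answer above can be checked mechanically. The following is an added example, not part of the original posts and not pfSense code: it derives what each spoke's "IPv4 Remote network/s" box should contain for this hub-and-spoke layout and reports which entries are missing. It assumes hub A already routes to both B and C (as the thread states), and `RW_TUNNEL` is a constructed placeholder for the road warrior tunnel network.

```python
import ipaddress

# Site LANs as given in the thread. RW_TUNNEL is a constructed placeholder:
# the thread leaves it as <Access server tunnel network>.
LANS = {"A": "10.1.1.0/24", "B": "10.1.2.0/24", "C": "10.1.3.0/24"}
RW_TUNNEL = "10.0.8.0/24"  # assumed value, replace with your own


def expected_remote_networks(spoke):
    """Networks a spoke (B or C) must send into its tunnel to hub A."""
    return [net for site, net in LANS.items() if site != spoke] + [RW_TUNNEL]


def parse_box(text):
    """Parse a comma-separated 'IPv4 Remote network/s' value."""
    return [ipaddress.ip_network(p.strip()) for p in text.split(",") if p.strip()]


def missing_routes(spoke, configured):
    """Expected networks that no configured entry covers (supernets count)."""
    have = parse_box(configured)
    return [want for want in expected_remote_networks(spoke)
            if not any(ipaddress.ip_network(want).subnet_of(c) for c in have)]


def can_talk(src, dst, configs):
    """Spoke-to-spoke traffic needs a route in BOTH directions, otherwise
    the request arrives but the reply never enters the tunnel."""
    def covers(spoke, target):
        lan = ipaddress.ip_network(LANS[target])
        return any(lan.subnet_of(c) for c in parse_box(configs[spoke]))
    return covers(src, dst) and covers(dst, src)


if __name__ == "__main__":
    # Constructed example: B was updated, C still only routes to A.
    configs = {"B": "10.1.1.0/24,10.1.3.0/24,10.0.8.0/24", "C": "10.1.1.0/24"}
    for spoke, box in configs.items():
        print(spoke, "missing:", missing_routes(spoke, box) or "nothing")
    print("B <-> C reachable:", can_talk("B", "C", configs))
```

A one-sided configuration like the constructed one above shows up in traceroute as packets reaching the far site with no replies coming back.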
Thanks for the response. It works like a charm for the remote access VPN, but I'm still not able to get B & C talking to each other through A. Do I need to change the server settings at site A to allow this?
At all 3 sites I have allowed all traffic in the firewall rules for OpenVPN.
Have you already added interfaces to the OpenVPN instances on A?
I did not create interfaces for them. Should I?
In some scenarios that's necessary to handle the routing with multiple VPNs.
Just assign an interface to the VPN instance and enable it.
Otherwise check the routes on site B and C and use traceroute to find out where the packets go to.