Trying to achieve this with VPN...



  • Ok I'm trying to achieve this multi site to site setup.

    I want to have a HQ, and several remote sites that I can manage from the HQ so I'll need full access to their subnets.

    I want to have minimal input entered onto the server. Create one server (possibly ipsec?) and from then on just connect to it with clients as we add more sites.

    I want the routing table of all the computers at HQ to automatically update with whatever subnet each remote location is at.

    What is the best possible way to go about doing this in pfsense? The remote locations will be using mikrotiks.

    I've been able to pull this off with a 100% MikroTik system using IPsec/L2TP. On the remote site side, I would just create a route in the ppp -> secret section under each user's profile, and when we set up a new remote site, we just set up a new secret with that specific subnet's route, and when it connects, it updates HQ's routing table.

    However, I cannot figure out how to achieve this in pfSense :/


  • Netgate Administrator

    Neither OpenVPN nor IPsec can do that without any config at the server end. However, OpenVPN is far easier. Put all the remote client subnets in one large super-net and set that as the remote subnet in the main server config. Then add client specific overrides for each client site with the actual subnets set.

    When you add a new client you will need to set up a new client login at the server and add the CSO for it.

    Steve
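
The layout described in the reply above, as an added example that is not part of the original thread: a Python helper that emits the OpenVPN `route` directive for the super-net and one `iroute` line per client specific override, and rejects a site LAN that falls outside the super-net or overlaps another site. The function name, the client common names and the 10.50.0.0/16 addressing are constructed for illustration, and IPv4 is assumed.

```python
import ipaddress


def build_openvpn_routes(supernet, sites):
    """Return (server_lines, {common_name: cso_lines}) for a hub-and-spoke VPN.

    supernet: CIDR covering every remote LAN (the server's remote subnet).
    sites:    mapping of client common name -> that site's LAN CIDR.
    Raises ValueError if a LAN is outside the super-net or overlaps another,
    so one site cannot be given routes for another site's addresses.
    """
    super_net = ipaddress.ip_network(supernet, strict=True)
    seen = []
    overrides = {}
    for name, cidr in sorted(sites.items()):
        lan = ipaddress.ip_network(cidr, strict=True)
        if not lan.subnet_of(super_net):
            raise ValueError(f"{name}: {lan} is outside super-net {super_net}")
        for other_name, other in seen:
            if lan.overlaps(other):
                raise ValueError(f"{name}: {lan} overlaps {other_name} ({other})")
        seen.append((name, lan))
        # iroute tells the OpenVPN server which client owns this subnet.
        overrides[name] = [f"iroute {lan.network_address} {lan.netmask}"]
    # route puts the whole super-net into the HQ firewall's routing table once.
    server = [f"route {super_net.network_address} {super_net.netmask}"]
    return server, overrides


if __name__ == "__main__":
    # Constructed sample addressing, not taken from the thread.
    server, csos = build_openvpn_routes(
        "10.50.0.0/16",
        {"site-a": "10.50.1.0/24", "site-b": "10.50.2.0/24"},
    )
    print("server:", *server, sep="\n  ")
    for cn, lines in csos.items():
        print(f"override for {cn}:", *lines, sep="\n  ")
```

Adding a site then means one new client login and one new entry in `sites`; the server-side `route` line does not change as long as the new LAN sits inside the super-net.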

