OpenVPN Inter-client communication option doesn't work
-
The Inter-client communication option in the OpenVPN server configuration does not function properly. The XML file shows yes if it's checked, but does not add the line client-to-client to the server config file at /var/etc/openvpn/server1.conf
Version: 2.4.4p1 and 2.4.4p3
Has anyone else noticed this problem?
-
I played around and it works for me in all Remote Access Modes:
Remote Access (SSL/TLS)
Remote Access (User Auth)
Remote Access (SSL/TLS + User Auth)
It is NOT working in Peer to Peer (SSL/TLS) Mode.
This looks more like a GUI Bug to me, I don't think inter-client should be there in this mode.
Which mode are you running?
-Rico
-
Hello,
I am using the mode: "Peer to Peer (SSL / TLS)"
According to the manual: https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/configuring-a-site-to-site-pki-ssl-openvpn-instance.html
At times I need to access between the remote points, so I enabled the client-to-client option and I noticed that it did not work.
-
You need to set your local and remote networks in OpenVPN and add Firewall Rules.
-Rico
-
Yes like that ^^^ and do not enable client-to-client...
-
OK, I'm going to study the implications of changing to the "Remote Access (SSL / TLS)" model by applying the client-to-client configuration on it
-
Well you should use Peer to Peer if you want to connect two Sites.
And you don't need the inter-client option there.
-Rico
-
Just for info, pfSense will not see the OpenVPN client packets when Inter-client communication is enabled, making it impossible to filter.
https://community.openvpn.net/openvpn/wiki/Topology
-
Thanks to all for your help
-
Nice overview @Pippin thanks.
-Rico
-
Welcome :)
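
An added example, not part of the original thread or of pfSense itself: a small audit that compares the GUI setting stored in the XML with the generated server config, flagging both the mismatch described in the first post and the case where `client-to-client` is active and inter-client traffic is no longer filtered by the firewall. The XML tag names (`openvpn-server`, `vpnid`, `client2client`) and the mapping of `vpnid` 1 to `server1.conf` are assumptions, and the sample data is constructed.

```python
import xml.etree.ElementTree as ET

def has_directive(conf_text, name="client-to-client"):
    """True if an active (uncommented) directive line is present."""
    for line in conf_text.splitlines():
        # OpenVPN treats '#' and ';' as comment markers
        tokens = line.split("#", 1)[0].split(";", 1)[0].split()
        if tokens and tokens[0] == name:
            return True
    return False

def audit(xml_text, confs):
    """Return {vpnid: finding}; confs maps vpnid -> generated config text."""
    findings = {}
    root = ET.fromstring(xml_text)
    for srv in root.iter("openvpn-server"):        # assumed tag name
        vpnid = srv.findtext("vpnid", "").strip()  # assumed tag name
        gui_on = srv.findtext("client2client", "").strip() == "yes"  # assumed
        if has_directive(confs.get(vpnid, "")):
            # OpenVPN forwards between clients internally, so the
            # firewall never sees these packets.
            findings[vpnid] = "inter-client traffic bypasses firewall rules"
        elif gui_on:
            findings[vpnid] = "GUI option set but not written to config"
        else:
            findings[vpnid] = "ok"
    return findings

# Constructed sample input: three server instances.
SAMPLE_XML = """<pfsense><openvpn>
<openvpn-server><vpnid>1</vpnid><client2client>yes</client2client></openvpn-server>
<openvpn-server><vpnid>2</vpnid><client2client>yes</client2client></openvpn-server>
<openvpn-server><vpnid>3</vpnid></openvpn-server>
</openvpn></pfsense>"""
SAMPLE_CONFS = {
    "1": "dev ovpns1\n# client-to-client\ntls-server\n",
    "2": "dev ovpns2\nclient-to-client\ntls-server\n",
    "3": "dev ovpns3\ntls-server\n",
}

if __name__ == "__main__":
    for vpnid, finding in audit(SAMPLE_XML, SAMPLE_CONFS).items():
        print(f"server{vpnid}: {finding}")
```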