pfSense as remote client to VPN Host WAN Problem
-
Followed this guide.
https://www.youtube.com/watch?v=lp3mtR4j3Lw
Setup:
Site A: pfSense WAN_VPN Client Interface
Site B: pfSense VPN Host Server (Remote Access)
Issue: Clients connected to the WAN_VPN get directed to Site B as desired but the other clients lose WAN. If I disable interface, WAN returns.
WAN_VPN Client Detail:
Bars the server from adding routes to the client's routing table [checked]
Advanced: redirect-gateway def1;
System->Routing->WAN is Default
I worked around it by setting applicable firewall rules on LAN to use the Advanced->Gateway->WAN but there must be a different solution. Why would the default gateway WAN not be used? How can I debug this? Thanks!
-
So you want to connect two Sites with OpenVPN?
You followed the wrong guide then... generally speaking OpenVPN as a WAN is used to tunnel all traffic through some VPN provider.
Set up one Site as OpenVPN Server in Peer to Peer (SSL/TLS) or Peer to Peer (Shared Key) mode and connect the other Site as OpenVPN Client in the same mode.
Here you have the matching Video hangouts:
https://www.netgate.com/resources/videos/site-to-site-vpns-on-pfsense.html
https://www.netgate.com/resources/videos/advanced-openvpn-on-pfsense-24.html
-Rico
-
I already have Site-to-Site and that was easy. What this does is route all traffic from a specific subnet in Site A to WAN of Site B - just like a Privacy VPN.
-
You can Policy Route traffic back and forth like you want just with Firewall Rules. I'm 99% sure @jimp covered this in one of the hangouts I've already linked you.
But DON'T set up any crazy stuff like Remote Access VPN and use it for a site to site.
-Rico
-
@Rico Clients connected to the WAN_VPN get directed to Site B as desired but the other clients lose WAN. If I disable interface, WAN returns.
I worked around it by setting applicable firewall rules on LAN to use the Advanced->Gateway->WAN but there must be a different solution. Why would the default gateway WAN not be used?