OpenVPN from guest vlan to production vlan

  • im trying to accomplish to connect OpenVPN in guest vlan to connect to a server in production vlan. What is the best way to accomplisch this?

    VPNs have nothing to do with VLANs. A VPN provides a connection to the firewall and the traffic for it can be routed appropriately.

  • yes but the server to connect to is in vlan 1 connected to a pfsense

    the laptop is in guest vlan 2 connected to the same pfsense.

    The laptop user want to connect true openvpn to make an connectop to the server.

    Then set up the appropriate routing. It works just the same whether VLAN, VPN or regular interface. Routing is routing.

  • yes but the problem is that the laptop cannot make an openvpn connection when it is connected to the guest vlan.

    when the laptop is out of office then everything is working ok.

    i gues it is not an routing issue but more like an nat reflection (or something) issue?

  • So you have a running OpenVPN server already and want connect to it from outside as well as from the guest VLAN?

    So assuming you're connecting to the server by using its FQDN hostname and that hostname is resolved to the WAN IP in the guest VLAN, you only need to add a firewall rule which permits that access. Just add a rule to the guest interface allowing the OpenVPN access to the WAN address.