two pfsense routers



  • hi
    got a pfsense router at location 1 with openvpn server enable the dhcp server enable freeradius and the captive portal enable, what i will like to do is have one pfsense router at a remote location acting as a openvpn client to location 1 and acting as a dhcp relay client and passing all login request from the remote wifi acess points clients to the captive portal and freeradius at location 1 and getting internet access and local servers from location 1.
    and have both internet modems bonded?
    if this is possible how would i setup both routers to get it working?
    thanks


  • Netgate Administrator

    It is possible but not straight forward. the DHCP relay can only attach to interfaces that have a MAC address and that means not OpenVPN interfaces in TAP mode. You can do it by putting the OpenVPN link as TAP and then routing across it as though it were TUN.
    However do you really want to have this setup like this? If the link goes down for whatever reason the entire network at the remote site will fail.

    Steve



  • yes that outcome had cross my mind. so the best way is too have the remote router act as a stand alone with its own dhcp server and captive portal and only used the openvpn as a client so as to be able to be manage and for the ubnt access points to communicate to the unms at the noc.


  • Netgate Administrator

    That would certainly work and would give more redundancy. You could still forward all traffic over the VPN and use the one Captive Portal at the server end for both networks if that's what you want. It depends what your goal is here.

    Steve



  • yes this what i was hoping to be able too do is too have one captive portal at the server end and have all the internet traffic go back to the remote modem. what i have running now is that the captive portal has an ad server on the server end were clients would click on an ad or info and get internet access were the ad would full in the login info in the captive portal would that still work at the remote location as all of the traffic would be coming to the server end? also at the server i've got the captive portal doing a redir to a webpage were the client would have to click on tab to get the captive portal page to come up then they could click on an ad to get internet access.
    would this work if i set the remote as a stand alone


Log in to reply