Netgate Discussion Forum

    OpenVpn site to site from specific port

    • java4dev

      Hello

      I am trying to set up a VPN tunnel between three sites A, B and C.
      I want to be able to get to the internet via site A but only from one of the ethernet ports.
      On site C pfSense I have the following ethernet ports:

      • WAN to the internet
      • LAN for the local LAN traffic, which should go out normally through WAN
      • OPT1/VPNsiteA all traffic should go via open tunnel to site A
      • OPT2/VPNSiteB all traffic should go via open tunnel to site B

      I went through most of the articles I could find on the internet but I haven't found any information on how to specify which ethernet port to use on site C for the OpenVPN tunnel client configuration.
      I want only the network traffic from ethernet port 3/OPT1 to go to the VPN tunnel to siteA
      and port 4/OPT2 to only allow traffic to the VPN tunnel to siteB.
      The server side seems to be easy to set up, as you specify on the server side of the OpenVPN configuration which interface to listen on.
      But on the client side of the configuration there is no way to configure which interface to attach the tunnel to for the originating traffic. There is only an option for the originating OpenVPN client connection.

      Thank you in advance for your help
      Nikolas

      • viktor_g (Netgate)

        You need to create policy route rules for these interfaces.
        See https://docs.netgate.com/pfsense/en/latest/book/multiwan/policy-routing-configuration.html

        • java4dev

          Hi

          I have activated an interface based on the VPN connection.
          I then went and created a new gateway using this new VPN interface.
          But when I select one of the existing interfaces to select the new VPN gateway I cannot do that.
          On the interface window I get
          IPv4 Upstream gateway none.

          I get the option to create a new gateway but I do not see existing ones.
          If I try to create a new one and add as IP the client side IP of the VPN tunnel I am getting the error
          The gateway address 10.10.0.2 does not lie within one of the chosen interface's subnets.
          Any ideas how to make site-to-site OpenVPN work?
          At the moment I am not able to get any internet traffic through the VPN tunnel.

          I have followed instructions from here as well
          https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/routing-internet-traffic-through-a-site-to-site-openvpn-connection-in-pfsense-2-1.html

          https://docs.netgate.com/pfsense/en/latest/book/openvpn/site-to-site-example-configuration-shared-key.html

          • java4dev @java4dev

            Hi
            Is there anyone who has already set up site-to-site OpenVPN who can help me?

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.