4. OpenVpn site to site from specific port

OpenVpn site to site from specific port

  • J

    Hello

    I am trying to setup a vpn tunnel between three sites A, B and C.
    I want to be able to get to the internet via site A but only from one of the ethernet ports.
    On site C pfsense I have following ethernet ports:

    • WAN to the internet
    • list itemLAN for the local LAN traffic should go out normal through WAN
    • list itemOPT1/VPVsiteA all traffic should go via opentunel to site A
    • list itemOPT2/VPNSiteB all traffic should go via opentunel to site B

    I went through most of the articles I could find on the internet but I haven't find any information on how to specify which ethernet port to use on site C for the OpenVPN tunnel client configuration.
    I want only the network traffic from ethernet port 3/OPT1 to the vpn tunnel to siteA
    and port 4/OPT2 to only allow traffic to vpn tunnel to siteB.
    The server side seems to be easy to setup as you specify on the server side of the OpenVPN configuration on which interface to listen.
    But on the client side of the configuration there is no way to configure on which interface to attach the tunnel for the originating traffic. There is only an option for the originate OpenVPN client connection.

    Thank you in advance for your help
    Nikolas

    0
  • Global Moderator

    you need to create policy route rules for these interfaces
    see https://docs.netgate.com/pfsense/en/latest/book/multiwan/policy-routing-configuration.html

    0
  • J

    Hi

    I have activated an interface based on the vpn connection.
    I then went and created a new Gateway using this new vpn interface.
    But when I select one of the existing interfaces to select the new vpn gateway I cannot do that.
    On the interface window I get
    IPv4 Upstream gateway none.

    I get the option to create a new gateway but I do not see existing ones.
    If I try to create a new one and add as IP the client side IP of the VPN tunnel I am getting the error
    The gateway address 10.10.0.2 does not lie within one of the chosen interface's subnets.
    Any ideas how to make site to site OpenVPN to work.
    At the moment I am not able to get any internet traffic through the VPN tunnel.

    I have followed instructions from here as well
    https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/routing-internet-traffic-through-a-site-to-site-openvpn-connection-in-pfsense-2-1.html

    https://docs.netgate.com/pfsense/en/latest/book/openvpn/site-to-site-example-configuration-shared-key.html

    0
    J
     1 Reply
  • J

    Hi
    is there anyone who has already setup site to site OpenVPN who can help me?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy