Test Site to Site VPN before deploying
-
Is that tethered to your cell phone? If so, it's entirely appropriate, as there aren't enough IPv4 addresses to provide public addresses to mobile devices. However, while you could connect to the other system from that address, you won't be able to connect to it.
-
The WAN IP 172.20.10.2 is tethered to my cell phone.
I tried again to connect the iphone to the client pfsense box following this thread
Plugin iPhone to USB port on pfSense
In the CLI check the ugen # and place in command below
usbconfig -d ugen3.2 dump_all_desc
Find the configuration index # that has PTP+Apple Mobile Device + Apple USB Ethernet
if it is in Configuration index 3 issue this command
usbconfig -d ugen3.2 set_config 3
ue0 now shows up in the interface options or ifconfig
Disable WAN interfaceIt also gives the same private IP address on the client PFSense box.
If I can't connect to that address I will only be able to test the site to site VPN one way. Am I correct that that's useless? Is my only option to take it to another location and test it?
-
@NasKar said in Test Site to Site VPN before deploying:
Plugin iPhone to USB port on pfSense
In the CLI check the ugen # and place in command below
usbconfig -d ugen3.2 dump_all_desc
Find the configuration index # that has PTP+Apple Mobile Device + Apple USB Ethernet
if it is in Configuration index 3 issue this command
usbconfig -d ugen3.2 set_config 3
ue0 now shows up in the interface options or ifconfigWhat's all that stuff???? All I did was connect the USB cable and enabled tethering on the phone. Then ue0 appeared, which I was then able to configure as opt4. It's a simple as that.
Any yes, the phone will give you a private address. However, it should still be possible to test from that address to the pfSense system, which I assume has a public address. If you want to test both ways, then do what I suggested with another router (or even direct Ethernet connection, if you don't mind manual configuration), to emulate connections to the Internet, so you can test in both directions. All you need to test is a couple of addresses. It doesn't matter if you're actually connected to the Internet or not, for the purposes of the test.
-
@JKnott said in Test Site to Site VPN before deploying:
What's all that stuff???? All I did was connect the USB cable and enabled tethering on the phone. Then ue0 appeared, which I was then able to configure as opt4. It's a simple as that.
Apparently it works perfect if you plug an Android phone in but with an iPhone the ue0 doesn't appear without the steps I outlined.
@JKnott said in Test Site to Site VPN before deploying:
then do what I suggested with another router
I'm having trouble understanding how to set that up. Are you saying to setup my spare router and not connect the WAN port and connect the 2 pfsense routers to the LAN ports of the spare router with DHCP. Disconnecting my PFsense Server from my ISP temporarily to test things. To clarify I made a diagram. Then I could ping from the laptop to the Win10 computer and from the Win10 computer to the laptop.
-
@NasKar said in Test Site to Site VPN before deploying:
Apparently it works perfect if you plug an Android phone in but with an iPhone the ue0 doesn't appear without the steps I outlined.
I have USB tethered computers to both Android and iPhone. Never had a problem with either, which is more than I can say about WiFi tether to iPhone.
As for that router. My understanding is that you want to test the 2 devices. Well yes, can do that without any Internet connection. All you need is some way for the 2 devices to communicate. The LAN side of a router will do that. As I mentioned, you could even do it with just an Ethernet cable, if you don't mind doing manual configuration of the IP address, etc..
-
@JKnott I don't know why but I couldn't get the router without an internet connection to work. After starting from scratch creating a pfsense server and pfsense client tethered with the iphone everything works. BTW I can ping in both direction with the iphone on a pvt network. Thanks for your help I learned alot.