Configure VPN behind ISP > USG >pfsense(VPN)



  • Good afternoon,

    I want to create a VPN to access my office services from home.
    For now I have a unifi USG and I make tunnels to access services, but this is no longer enough for 1 user, it has been expanded and now there are several users who need it.

    For this I have tunnels with port forwarding and so I access various services from outside.

    Anyone have a tutorial or manual set up pfsense to perform VPN behind a USG.

    My idea was to open outer port -> forward to USG -> forward to pfsense.
    I think it would be double NAT?
    or how can I create the VPN service behind USG?

    this is my network:

    Screenshot_3.png

    help please how to fix it.
    Thank you very much!!



  • @juanki_hd

    hi,

    it seems to me that, you are using pfSense only......., because of the OpenVPN server

    @juanki_hd "I think it would be double NAT?" - (you already have one)

    your current system also have dual-NAT configuration
    (ISP router to USG = double-NAT, because RFC1918 192.168......172.10.......)

    BTW: pfSense has more serious abilities than a USG and is more customizable.

    all your problems will be solved, if you put your ISP device in bridge mode and pfSense will replace USG
    and USG will be listed on eBay (yeah, joke, but possible) 😉


Log in to reply