Manage a pfSense Cluster from OpenVPN.
-
Hi everyone,
I have a pfsense Cluster with OpenVPN.
From LAN Interface, I can do Ping to all interfaces and VLAN and manage two nodes without problems.
I want manage the Cluster from a User connected through OpenVPN but I only can connect to Master node.
From the User VPN I can Ping to all Interfaces and VLAN's of the Master node and manage it, but I can Ping to any Interface neither VLAN of the Slave node.
Can you tell me if I need add or modifi any option to permit me manage both nodes from a OpenVPN User?
Regards and thanks,
Ramsés
-
Hi,
check out https://docs.netgate.com/pfsense/en/latest/highavailability/troubleshooting-vpn-connectivity-to-a-high-availability-secondary-node.html-Rico
-
@rico I have some doubt:
I have in the pfSense Cluster various IPsec VPN that pfSense create the Outbound NAT Rules automatically to each one.
In the link, to create the Outbound NAT Rule I need configure Outbound NAT Mode as Manual or Hybrid.
If I configure the Outbound NAT Mode as Hybrid:
-
Do I lose any automatic Outbound NAT Rule added previously?
-
If I add a new IPsec Phase 2, pfsense add automatically the passthrough Outbound NAT Rule or I need add it manually after create the new IPsec Phase 2?
Regards and thanks,
Ramsés
-
-
@ramses-sevilla
Hybrid mode means automatically generated rules plus manually added ones.If you change into the hybrid mode all automatically generated rules are preserved.
-
Yeah, hybrid should work just fine for you.
-Rico
