Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Manage a pfSense Cluster from OpenVPN.

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 3 Posters 463 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      ramses.sevilla
      last edited by

      Hi everyone,

      I have a pfsense Cluster with OpenVPN.

      From LAN Interface, I can do Ping to all interfaces and VLAN and manage two nodes without problems.

      I want manage the Cluster from a User connected through OpenVPN but I only can connect to Master node.

      From the User VPN I can Ping to all Interfaces and VLAN's of the Master node and manage it, but I can Ping to any Interface neither VLAN of the Slave node.

      Can you tell me if I need add or modifi any option to permit me manage both nodes from a OpenVPN User?

      Regards and thanks,

      Ramsés

      1 Reply Last reply Reply Quote 0
      • RicoR
        Rico LAYER 8 Rebel Alliance
        last edited by

        Hi,
        check out https://docs.netgate.com/pfsense/en/latest/highavailability/troubleshooting-vpn-connectivity-to-a-high-availability-secondary-node.html

        -Rico

        1 Reply Last reply Reply Quote 2
        • R
          ramses.sevilla
          last edited by

          @rico I have some doubt:

          I have in the pfSense Cluster various IPsec VPN that pfSense create the Outbound NAT Rules automatically to each one.

          In the link, to create the Outbound NAT Rule I need configure Outbound NAT Mode as Manual or Hybrid.

          If I configure the Outbound NAT Mode as Hybrid:

          • Do I lose any automatic Outbound NAT Rule added previously?

          • If I add a new IPsec Phase 2, pfsense add automatically the passthrough Outbound NAT Rule or I need add it manually after create the new IPsec Phase 2?

          Regards and thanks,

          Ramsés

          V 1 Reply Last reply Reply Quote 0
          • V
            viragomann @ramses.sevilla
            last edited by

            @ramses-sevilla
            Hybrid mode means automatically generated rules plus manually added ones.

            If you change into the hybrid mode all automatically generated rules are preserved.

            1 Reply Last reply Reply Quote 0
            • RicoR
              Rico LAYER 8 Rebel Alliance
              last edited by

              Yeah, hybrid should work just fine for you.

              -Rico

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.