OpenVPN - access to remote client lan
I have an openvpn server running on the pfsense. Here are 3 clients connected by default. They have access to my network. So far everything works great.
But! Now I want to access a remote client network.
My Openvpn server is currently running in Remote Access mode (SSL / TLS + User Auth).
Remote Client LAN: 192.168.2.0/24
Is it possible to do that? If yes how :)?
Yes, but there are some things you have to configure on the client to get that working:
- The clients firewall must allow the access and pass packets through to the LAN.
- The client must do masquerading on packets going to the LAN, otherwise you would need static routes on the LAN devices to direct response packets back.
On the server you have to configure a client specific override for that client. Here you can assign a specific IP to the client and set the remote networks which you want to reach behind the client to instruct pfSense to add the proper routes.
@viragomann thanks for Replay.
I have set everything on the client side.
What do I have as override deposit in the PFSense?
You may set there any parameters you want. Mainly you have to enter the client certs common name, a specific tunnel network (/30), the "IPvX Local Network/s" as you already have in the server settings and the "IPvX Remote Network/s", where you have to enter the clients site local networks.