Netgate Discussion Forum

    Multisite, VLAN and routing

    Routing and Multi WAN
      M0L50N

      I have to do something but I don't know how.
      I have a multisite OpenVPN server.
      Site SRV - Server Side 192.168.1.0/24
      Site A - 192.168.2.0/24
      Site B - 192.168.31.0/24

      My VPN tunnels work perfectly, everyone can ping everyone.

      On Site SRV, I've set up a VLAN for some special peripherals. VLAN 50 is local and associated to LAN network and running on network 192.168.11.0/24. Rules are OK and everyone on that VLAN can ping each other.

      On site A and site B, I have 1 peripheral on each site that needs to connect to network 192.168.11.0/24 (VLAN 50)

      Do I need to set up a VLAN on site A and B, or can I simply add a route, or is it possible to do that with rules? Is it best to create a new OpenVPN server just for that?

      I really need your suggestion quickly please ... I have the weekend to resolve that!

      Thanks!

        bingo600 @M0L50N

        @M0L50N

        On site A and site B, I have 1 peripheral on each site that needs to connect to network 192.168.11.0/24 (VLAN 50)

        I assume you have a peripheral on each remote site that needs to "communicate" with a device on the SRV VLAN50 net ... aka normal routing.

        Not that you have a peripheral on each remote site that needs to have an IP address in the network 192.168.11.0/24 (VLAN 50) - That would mean bridging via OpenVPN. I have not tried that, and would go to great lengths to avoid it.

        If routing:
        Since you have added the VLAN 50 net: 192.168.11.0/24 to the site SRV,
        I would expect you have to edit your SRV OpenVPN Server(s) and add that 192.168.11.0/24 net to the "OpenVPN route announcement".

        After you have done that, you probably have to restart the OpenVPN Servers, in order to make sure the OpenVPN Clients receive the new routes.

        After that, you should check Diagnostics --> Routes on the clients, and verify that there is a route to 192.168.11.0/24.

        If there is, all is good. And the rest is "Just firewall rules"

        /Bingo

        If you find my answer useful - Please give the post a 👍 - "thumbs up"

        pfSense+ 23.05.1 (ZFS)

        QOTOM-Q355G4 Quad Lan.
        CPU : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
        LAN : 4 x Intel 211, Disk : 240G SAMSUNG MZ7L3240HCHQ SSD
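
The route check described in the answer above, as an added example that is not part of the original posts: it runs a longest-prefix match over FreeBSD-style `netstat -rn -f inet` output and reports whether 192.168.11.0/24 is reached through the tunnel or falls through to the default route. The routing tables, the 10.0.8.0/24 tunnel network, the 203.0.113.1 gateway and the `em0`/`em1`/`ovpnc1` interface names are constructed assumptions.

```python
import ipaddress

VLAN50 = ipaddress.ip_network("192.168.11.0/24")  # VLAN 50 network from the thread

# Constructed `netstat -rn -f inet` output for a Site A client (not from the thread).
BEFORE = """\
Destination        Gateway            Flags     Netif Expire
default            203.0.113.1        UGS         em0
10.0.8.0/24        10.0.8.1           UGS      ovpnc1
192.168.1.0/24     10.0.8.1           UGS      ovpnc1
192.168.2.0/24     link#2             U           em1
192.168.2.1        link#2             UHS         lo0
"""
# Same table once the server also pushes the VLAN 50 network (constructed).
AFTER = BEFORE + "192.168.11.0/24    10.0.8.1           UGS      ovpnc1\n"


def parse_routes(text):
    """Return (network, gateway, netif) tuples from FreeBSD-style netstat rows."""
    routes = []
    for line in text.splitlines():
        cols = line.split()
        if len(cols) < 4 or cols[0] == "Destination":
            continue
        dest = "0.0.0.0/0" if cols[0] == "default" else cols[0]
        try:
            net = ipaddress.ip_network(dest)  # a bare host address becomes a /32
        except ValueError:
            continue  # skip rows whose first column is not an IP destination
        routes.append((net, cols[1], cols[3]))
    return routes


def route_for(text, target=VLAN50):
    """Longest-prefix match: the most specific route covering the whole target."""
    covering = [r for r in parse_routes(text)
                if r[0].version == target.version and target.subnet_of(r[0])]
    return max(covering, key=lambda r: r[0].prefixlen, default=None)


def via_tunnel(text, target=VLAN50, prefix="ovpn"):
    """True only if the target is reached through an OpenVPN interface (assumed ovpn* name)."""
    best = route_for(text, target)
    return best is not None and best[2].startswith(prefix)


if __name__ == "__main__":
    for label, table in (("before", BEFORE), ("after", AFTER)):
        net, gw, netif = route_for(table)
        print(f"{label}: {VLAN50} -> {net} via {gw} on {netif}, tunnel={via_tunnel(table)}")
```

In the "before" table the only covering route is the default one, so traffic for VLAN 50 would leave through the WAN interface instead of the tunnel.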

          M0L50N

          I really thank you! I didn't think about that! That's why I posted that question and I was sure someone like you had the answer!

          Thanks again, that works perfectly like that!

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.