Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ISP - OpenVPN server with netgate 2100 behind and ISP router

    Scheduled Pinned Locked Moved
    OpenVPN
    openvpn
    2
    6
    868
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      SteveL 0
      last edited by

      Hello,

      I have network with Netgate 2100, Friztbox 7090 and a Cisco manage switch.

      The Fritzbox is the ISP with a static Public IP.
      The Netgate 2100 is connected to the Fritzbox over WAN port.
      The CISCO switch is connected to the Netgate.

      I would like to setup a OpenVPN server on the Netgate. The client with connect to the OpenVPN to access the sub network behind the Netgate.

      My question is:

      How can I make sure the Netgate get the static public IP provide by my ISP?

      Any help on where to start it will help .

      Thank you in advance

      bingo600B 1 Reply Last reply Reply Quote 0
      • bingo600B
        bingo600 @SteveL 0
        last edited by

        @stevel-0
        Look up portforwarding on the Fritzbox.

        You would want to forward your openvpn port (usually UDP/1194) to your Netgate 2100 IP address.

        /Bingo

        If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

        pfSense+ 23.05.1 (ZFS)

        QOTOM-Q355G4 Quad Lan.
        CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
        LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

        1 Reply Last reply Reply Quote 1
        • S
          SteveL 0
          last edited by

          This post is deleted!
          S 1 Reply Last reply Reply Quote 0
          • S
            SteveL 0 @SteveL 0
            last edited by

            Thank you @bingo600,

            Where do I need to enter the Static Public IP provide by ISP to the Netgate Configuration ? For the OpenVPN Server configuration

            Thank you

            bingo600B 1 Reply Last reply Reply Quote 0
            • bingo600B
              bingo600 @SteveL 0
              last edited by bingo600

              @stevel-0
              You don't need to enter the public ip address in the openvpn server.

              The FBox will handle the public ip , and only forward the data that matches the portforwarded port to the 2100.

              When generating Client Configs (after the server is done)
              You would need to use "other" , and specify the Fbox public ip , in the Netgate OpenVPN client export.

              54339815-58e2-41b5-b334-05590111aa00-image.png

              But first concentrate on the portforwarding in the Fbox.

              My guess is that you "somehow" in order to do portforwarding on the Fbox , would have to:

              1: Make sure your 2100 had a permanent Wan ip address , either static or Mac-locked DHCP .. I'd use static.

              2: Somehow tell the Fbox about the port you want it to portforward from public wan to "inside ... aka 2100 wan ip "

              So you'd prob need to give the Fbox this info.
              Public IP port to forward : UDP/1194
              Inside Port to forward to : UDP/1194
              Inside IP to forward to : 2100 Wan ip (on Fbox lan)

              Ps:
              There's a German section on the forum , they are also helpfull in English there.
              There might be a FBox guru there.
              https://forum.netgate.com/category/7/deutsch

              /Bingo

              If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

              pfSense+ 23.05.1 (ZFS)

              QOTOM-Q355G4 Quad Lan.
              CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
              LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

              S 1 Reply Last reply Reply Quote 1
              • S
                SteveL 0 @bingo600
                last edited by

                Thank you @bingo600 for your help, advice and clear information. I will implement it like you advice and give you a feedback :-)

                Thank you

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post