Netgate Discussion Forum
    Multi-Hop OpenVPN

      Rolster

      I have an OpenVPN installation running between my head office for Business "A" and the Head Office for Business "B".
      It works really well and does what I want it to do.

      In both businesses, I have multiple sites that also need to connect across the OVPN tunnel, but we don't have the necessary L3 routing in place to get their traffic to each of the head offices.

      In my head, I believe that this should be possible, by installing a PFS OVPN client at each site.
      The local traffic can be forwarded into the LAN interface without issue.
      I want the traffic to travel via the WAN interface to the LAN interface of the successfully connected installation, then travel through the working inter-site tunnel to the partner business.

      I think it should be "do-able", but haven't got it working yet.

      Any tips or advice?

        JKnott @Rolster

        @rolster

        What you need is appropriate routing. A VPN is nothing more than an IP connection, just like any other.

        PfSense running on Qotom mini PC
        i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
        UniFi AC-Lite access point

        I haven't lost my mind. It's around here...somewhere...

          Jarhead @Rolster

          @rolster said in Multi-Hop OpenVPN:

          I have an OpenVPN installation running between my head office for Business "A" and the Head Office for Business "B".
          It works really well and does what I want it to do.

          In both businesses, I have multiple sites that also need to connect across the OVPN tunnel, but we don't have the necessary L3 routing in place to get their traffic to each of the head offices.

          In my head, I believe that this should be possible, by installing a PFS OVPN client at each site.
          The local traffic can be forwarded into the LAN interface without issue.
          I want the traffic to travel via the WAN interface to the LAN interface of the successfully connected installation, then travel through the working inter-site tunnel to the partner business.

          I think it should be "do-able", but haven't got it working yet.

          Any tips or advice?

          So you have a site to site tunnel between A and B?
          How are the "multiple sites" connected? Just to A, just to B, between both?
          I don't know what PFS is, do you mean pfSense? If so, yes, that would work, but not necessary. Any OpenVPN client would work.

          What JKnott means is you just need the correct static routes between sites. The OpenVPN config will add them if done right.
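
Added example, not part of any post in this thread: a small route-table walk showing why a multi-hop setup fails when the far head office has no route back to a branch LAN. The site names (A1, A, B) and all subnets are constructed assumptions; the thread does not state the real topology.

```python
import ipaddress

# Constructed topology (names and subnets are assumptions, not from the thread):
# branch A1 <-> head office A <-> head office B, one tunnel per link.
LANS = {"A1": "10.1.10.0/24", "A": "10.1.0.0/24", "B": "10.2.0.0/24"}


def build_routes(with_return_route):
    """Static routes per router as (destination network, next-hop router)."""
    routes = {
        "A1": [("10.1.0.0/24", "A"), ("10.2.0.0/24", "A")],
        "A": [("10.1.10.0/24", "A1"), ("10.2.0.0/24", "B")],
        "B": [("10.1.0.0/24", "A")],  # B knows A's LAN but not the branch
    }
    if with_return_route:
        routes["B"].append(("10.1.10.0/24", "A"))  # branch LAN via the A-B tunnel
    return routes


def next_hop(router, dst_ip, routes):
    """Longest-prefix match over one router's table; None means no route."""
    best = None
    for net, hop in routes.get(router, []):
        network = ipaddress.ip_network(net)
        if dst_ip in network and (best is None or network.prefixlen > best[0]):
            best = (network.prefixlen, hop)
    return best[1] if best else None


def trace(src, dst, routes, max_hops=8):
    """Walk hop by hop from router src to dst's LAN: (path, delivered)."""
    dst_ip = next(ipaddress.ip_network(LANS[dst]).hosts())
    path = [src]
    while len(path) <= max_hops:
        if dst_ip in ipaddress.ip_network(LANS[path[-1]]):
            return path, True
        hop = next_hop(path[-1], dst_ip, routes)
        if hop is None:
            return path, False
        path.append(hop)
    return path, False  # hop limit hit: routing loop


def two_way(a, b, routes):
    """Traffic only works when both the forward and the return path deliver."""
    return trace(a, b, routes)[1] and trace(b, a, routes)[1]


if __name__ == "__main__":
    for fixed in (False, True):
        r = build_routes(fixed)
        print(fixed, trace("A1", "B", r), trace("B", "A1", r), two_way("A1", "B", r))
```

Without the return route, packets from the branch reach B but replies are dropped at B, which is the usual symptom of a tunnel that "connects" yet passes no traffic.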
