Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    VPN and Netgate 1100

    OpenVPN
    2
    7
    238
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dbass last edited by

      Hello all,

      I appreciate you reading this.

      I just set my Netgate 1100 and OpenVPN.

      The OpenVPN server gave me an IP of 192.168.1.xxx

      How can a client computer connect to the Netgate 1100 OpenVPN from another location if the IP address is not even reachable offsite?

      Can you assign a static IP to the OpenVPN?

      Thank you

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS @dbass last edited by

        @dbass I don't have one handy to look at, at the moment, but did you select the WAN interface?

        https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-ra.html#general-openvpn-server-information

        @dbass said in VPN and Netgate 1100:

        Can you assign a static IP to the OpenVPN?

        To the remote client? With RADIUS one can assign an IP. At least, I've done that with IPSec.

        Steve

        Only install packages for your version, or risk breaking it. If yours is older, select it in System/Update/Update Settings.
        When upgrading, let it finish; do not reboot early. Allow 10-15 minutes, or more depending on packages and device speed.

        D 1 Reply Last reply Reply Quote 0
        • D
          dbass @SteveITS last edited by

          @steveits

          Hi Steve

          Thanks for the reply. I mean on the server where the Netgate 1100 is connecting. It gives me a private Network range. Example, my server had a static IP address before, but when I plug the Netgate 1100 into my myserver, It wants to assign network ranges of 192.168.1.xxx to the server. It says my static IP is out of range.

          I hope I am explaining that ok.

          Thanks

          S 1 Reply Last reply Reply Quote 0
          • S
            SteveITS @dbass last edited by

            @dbass Are you trying to use the 1100 as a VPN client? A site to site would be more like https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-tls.html. The IP ranges on each LAN don't need to change, the routers handle routing packets.

            If that's not the case can you post a diagram?

            Steve

            Only install packages for your version, or risk breaking it. If yours is older, select it in System/Update/Update Settings.
            When upgrading, let it finish; do not reboot early. Allow 10-15 minutes, or more depending on packages and device speed.

            D 1 Reply Last reply Reply Quote 0
            • D
              dbass @SteveITS last edited by

              @steveits Hi Steve,

              Yes, that is correct. I am trying to use the 1100 as the VPN. I will look at the document.

              Thanks

              D 1 Reply Last reply Reply Quote 0
              • D
                dbass @dbass last edited by dbass

                @dbass

                Steve, one ore question. Thank you for your help!

                Maybe I am not understanding this, or doing this wrong. Let me explain my Use Case.

                I want users to be able to see our network from home.

                I have the server ip address set as a static IP. 47.xxx.xxx.xxx

                When I installed the Netgate. It said to take out the Nwtwork Cable that usually goes into the server, and plug it into the Netgate 1100 WAN Port. Then I take another ethernet cable that is plugged into the LAN port of the 1100 and plug that into the server as its IP Source.

                The Netgate wants everything to be on the 192,168,1,xxx network on the server.

                So all network traffic is going through the Nethate 1100 first before going to the server.

                Is this wrong? Maybe

                Another thought. The server has multiple NIC cards. Maybe I use my source Network cable in one and use another NIC card to route the Netgate?

                Thanks

                S 1 Reply Last reply Reply Quote 0
                • S
                  SteveITS @dbass last edited by

                  @dbass A public IP can only be used once. If you use NAT then LAN gets a private IP range, and you need NAT port forwarding rules to connect to the server on LAN.

                  If the server actually needs a public IP then you need to get another IP range from the ISP so they can route the public IP to you.
                  https://docs.netgate.com/pfsense/en/latest/recipes/route-public-ip-addresses.html

                  Steve

                  Only install packages for your version, or risk breaking it. If yours is older, select it in System/Update/Update Settings.
                  When upgrading, let it finish; do not reboot early. Allow 10-15 minutes, or more depending on packages and device speed.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post