Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dedicate only one NIC HW port through openvpn

    OpenVPN
    2
    4
    291
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      netg8ter
      last edited by netg8ter

      Anybody got step-by-step instructions how to set this up?
      Needing dedicated hardware port to a work office openvpn endpoint.
      Need no possibility of mixing home personal traffic (LAN/WAN) with business office work traffic (LAN/Vpn-WAN).
      Want to use hardware port to avoid confusion.
      All traffic from dedicated port >OpenVPN WAN > Work

      (this is continuation from old thread at: https://forum.netgate.com/topic/150676/routing-only-one-port-on-nic-through-openvpn/5 with no specific examples of critical one-port-only steps, sorry i tried.
      Re: Routing only one port on NIC through openvpn

      fyi I have the instructions for setup of openvpn from the docs and general youtube vids.
      on the dedicated vpn port, want no failover, have one client device only, if work link goes down, it goes down;
      business office has all the network services, dns, etc .
      device netgate 2100, Ethernet NIC ports (LAN 2) available unused

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @netg8ter
        last edited by

        @netg8ter
        I assume, you have the OpenVPN client already up and running and your LAN2 is already configured properly.

        Then go to Interfaces > Assignments and assign an interface to the VPN client. At "Available network ports:" select the client instance, e.g. ovpnc1, hit Add at the right side. Then open the settings of the new interface, enable it and enter a friendly name and save the settings.
        This gives you a gateway for the VPN, where you can route traffic to then.

        On the LAN2 add a pass rule (I assume there isn't any yet), you can specify the IP to this of the connected device or the subnet. Destination = any, open the advanced options, go down to gateway and select the gateway of the respective VPN.

        In case your work computer pull an IP from a DHCP on your LAN2, consider that this provides the pfSense interface IP as DNS server by default.
        So you either have to configure the DHCP manually on the computer or provide the DNS of the company in your DHCP.

        N 1 Reply Last reply Reply Quote 0
        • N
          netg8ter @viragomann
          last edited by netg8ter

          @viragomann Thank you.
          You Instructions look good.
          I haven't yet configured any LAN only have default.

          Don't see how to add/activate another LAN port (LAN2)
          In Interfaces / Interface Assignments there is no Add function
          only 2 entries in Interfaces / Interface Assignments looks like this:
          WAN (mvneta0)
          LAN (mvneta1) <delete>

          Thank you for any ideas, appreciated.

          Interfaces / Switch / System shows
          Marvell 6000 series switch
          Ports
          2100 Switch Ports
          ports 1(active), 2, 3, 4, 5(active)

          V 1 Reply Last reply Reply Quote 0
          • V
            viragomann @netg8ter
            last edited by

            @netg8ter
            So you have to configure the switch for 802.1q VLAN before.

            Look here for details:
            Switch Overview
            Configuring the Switch Ports

            1 Reply Last reply Reply Quote 0
            • First post
              Last post