Site 2 site vpn question
can someone please explain me how to setup a bidirectional ovpn-tunnel
between two pfsense walls?
I have office1 running pfsense and office2 running it,
do i have to configure only one tunnel from office1
to office2 (office1=client, office2=server) to get
it work in both directions or do i have to setup
client and server vpn on both sites?
Is there some documentation for site 2 site OpenVPN?
sullrich last edited by
well, i read that, but it doesn't seem to focus on site 2 site. I don't want bridging.
ok, i read it 10 times now, i really don't see something about site to site
Can somebody please tell me in some short words what i have
to do to configure a tunnel that works in both directions?
I have created a tunnel as described in the doc, and i entered
the remote network for site 2 site vpn, but i can only connect
from office1(ovpn configured as client) to office2(ovpn configured
xibalba last edited by
if you have pfSense on both ends, I'd recommend setting up IPSec. It is amazingly easy and quick to setup. There is plenty of documentation on the site regarding a site to site (router to router) IPSec VPN. I currently use pfSense between my house, my friends house and our colocation center with an IPSec VPN flawlessly (aside from some virtual ip issues.(http://forum.pfsense.org/index.php/topic,2361.0.html)).
fernandotcl last edited by
OpenVPN IPsecs are nothing more than a tun/tap (in this case, tun) interface linking both endpoints together. All OpenVPN does is to create the tunnel and then (optionally) set routes to emulate a local network. Therefore, OpenVPN is essentially site-to-site friendly.
If you can't access from A to B, you are not filling the "Remote network" fields correctly. Check your config.
thinair last edited by
I run a point to point OpenVPN between two pfsense boxes, what do you need to know? :)
tunge2 last edited by
the site 2 site is very simple to set up (with the pdf document)…. but is it also possible to connect 3 pfsense client machines to one openvpnserver-pfsensemachine and routed the networks behind the 3 pfsense machines......(i don't want to open to much external (firewall) ports
NETWORK1 NETWORK2 NETWORK3
| | |
OPENVPNCLIENT1 OPENVPNCLIENT2 OPENVPNCLIENT3
| | |
PFSENSE1 PFSENSE2 PFSENSE3
| | |
So that PC2 can ping PC1 and PC3 and PC3 can ping PC2 and PC1 and PC1 can ping PC2 and PC3