OpenVPN and routing between muliple subnets?
-
Here's what I am trying to set up for our lab at work:
4 public IP's. 1 LAN subnet for each public IP. pfSense is running on ESX, so the number of NIC's is not a problem. It would be great to access each LAN remotely with OpenVPN, terminated to 1 public IP. This can be done under "additional options" under OpenVPN, but as far as I can tell, I'll need to use IP adresses to "push", instead of interface names (LAN's) here. The 4 local subnet addresses are likely to change quite often, so it's not very flexible to update the VPN settings each time…
There's probably much more clever ways to explain my wishes ::)
-
Alright, here's a simplified drawing of what I want:
In short: I want 3 separated subnets attached to it's own public IP. A great bonus would be if I could have one VPN login against one of the 3 public IP addresses, and get access to all 3 subnets.
-
you will need custom routes to do what you want. These are added in the custom options section.
-
"custom options section"??? I must be blind? Or are you talking about "additional options"?
I have added
push "route 10.10.40.0 255.255.255.0";in "additional options" at the pfSense VPN tunnel terminated for mobile clients ("road warriors"), but I can not access 10.10.40.1 with clients. The site to site VPN is up, I can ping 10.10.40.1 and 10.10.60.1 from 10.10.50.1.
-
On 1.2.3 it is "Custom Options" near the bottom
-
It was return traffic that failed. Problem solved by adding
route 10.99.99.0 255.255.255.0;in "Advanced configuration"/"additional options"/"Custom Options" (name is version specific I guess) on 10.10.40.1 & 10.10.60.1, where 10.99.99.0 is my road warrior "tunnel network".