Netgate Discussion Forum

    OpenVPN and routing between multiple subnets?

      netphreak

      Here's what I am trying to set up for our lab at work:

      4 public IPs. 1 LAN subnet for each public IP. pfSense is running on ESX, so the number of NICs is not a problem. It would be great to access each LAN remotely with OpenVPN, terminated to 1 public IP. This can be done under "additional options" under OpenVPN, but as far as I can tell, I'll need to use IP addresses to "push", instead of interface names (LANs) here. The 4 local subnet addresses are likely to change quite often, so it's not very flexible to update the VPN settings each time…

      There are probably much more clever ways to explain my wishes ::)

        netphreak

        Alright, here's a simplified drawing of what I want:

        In short: I want 3 separated subnets attached to its own public IP. A great bonus would be if I could have one VPN login against one of the 3 public IP addresses, and get access to all 3 subnets.

          XIII

          You will need custom routes to do what you want. These are added in the custom options section.

          -Chris Stutzman
          Sys0:2.0.1: AMD Sempron 140 @2.7 1024M RAM 100GHD
          Sys1:2.0.1: Intel P4 @2.66 1024M RAM 40GHD
          freedns.afraid.org - Free DNS dynamic DNS subdomain and domain hosting.
          Check out the pfSense Wiki

            netphreak

            "custom options section"??? I must be blind? Or are you talking about "additional options"?

            I have added

            push "route 10.10.40.0 255.255.255.0";
            

            in "additional options" at the pfSense VPN tunnel terminated for mobile clients ("road warriors"), but I cannot access 10.10.40.1 with clients. The site to site VPN is up, I can ping 10.10.40.1 and 10.10.60.1 from 10.10.50.1.

              XIII

              On 1.2.3 it is "Custom Options" near the bottom

              -Chris Stutzman

                netphreak

                It was return traffic that failed. Problem solved by adding

                route 10.99.99.0 255.255.255.0;
                

                in "Advanced configuration"/"additional options"/"Custom Options" (name is version specific I guess) on 10.10.40.1 & 10.10.60.1, where 10.99.99.0 is my road warrior "tunnel network".

                1 Reply Last reply Reply Quote 0
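
The fix in the last post can be checked mechanically. The following is an added example, not part of the thread and not pfSense or OpenVPN code: it parses custom-options strings and reports every subnet that is pushed to road-warrior clients while the peer serving it has no route back to the tunnel network. The function names, the /24 LAN masks and the second `push` line are assumptions; the addresses come from the posts above.

```python
import ipaddress
import re

# Matches `route NET MASK` and `push "route NET MASK"` as typed into custom options.
ROUTE = re.compile(r'(push\s+")?\s*route\s+([\d.]+)\s+([\d.]+)')

def parse_routes(options):
    """Split a custom-options string into (pushed, local) lists of networks."""
    pushed, local = [], []
    for stmt in options.split(";"):
        m = ROUTE.search(stmt)
        if m:
            net = ipaddress.ip_network(f"{m.group(2)}/{m.group(3)}")
            (pushed if m.group(1) else local).append(net)
    return pushed, local

def missing_return_routes(server_options, tunnel, peers):
    """List (subnet, peer) pairs where clients are pushed a route to a subnet
    but the peer serving it has no route back to the tunnel network."""
    tunnel = ipaddress.ip_network(tunnel)
    pushed, _ = parse_routes(server_options)
    gaps = []
    for subnet in pushed:
        for name, (lan, options) in peers.items():
            if not subnet.overlaps(ipaddress.ip_network(lan)):
                continue  # this peer does not serve the pushed subnet
            _, local = parse_routes(options)
            if not any(tunnel.subnet_of(r) for r in local):
                gaps.append((str(subnet), name))
    return gaps

# Constructed sample: addresses from the thread; the /24 LAN masks and the
# second push line are assumptions.
SERVER = 'push "route 10.10.40.0 255.255.255.0"; push "route 10.10.60.0 255.255.255.0";'
TUNNEL = "10.99.99.0/24"
# Peer firewall -> (LAN it serves, its custom options) before and after the fix.
BEFORE = {"10.10.40.1": ("10.10.40.0/24", ""), "10.10.60.1": ("10.10.60.0/24", "")}
AFTER = {name: (lan, "route 10.99.99.0 255.255.255.0;") for name, (lan, _) in BEFORE.items()}

if __name__ == "__main__":
    print("before:", missing_return_routes(SERVER, TUNNEL, BEFORE))
    print("after: ", missing_return_routes(SERVER, TUNNEL, AFTER))
```

A non-empty result names the firewalls where replies to road-warrior clients have no path back, which is the symptom described in the thread.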