VPN connection inside pfSense networks



  • I thought about this question and then I thought you know, people probably think this is really dumb.

    The question is this: I set up a OpenVPN server to tunnel into an OPT interface/network. If I VPN into that OPT interface/network from a computer that is on the LAN interface/network. Does pfSense see that computer as being on the VPN/OPT network and thus only apply the rules from the VPN tab or does it see it as on the LAN network and thus apply the rules from the LAN tab?

    Thanks in advance!



  • To establish the VPN connection (VPN client tries to connect to VPN server) this is handled by the LAN rules.
    If the VPN connection is established and you force all traffic through the VPN (server setting) then the OpenVPN rules take effect. The OpenVPN rules take effect for everything what is happening in the tunnel.

    So if the OpenVPN connection is established you don't have to bother about the LAN rules.



  • So just to double check. When I've established a VPN connection all initiations by my computer would be checked against rules on the VPN tab, yes?

    Now as far as communicating between my computer and other computers on the OPT network that the VPN is tunneled to do I have to create rules that allow for communication between the VPN interface and the OPT network or does the pfSense treat the VPN'd computer as being on the OPT network?

    Does that make sense?

    Thanks in advance!



  • @broncoBrad:

    So just to double check. When I've established a VPN connection all initiations by my computer would be checked against rules on the VPN tab, yes?
    Yes, if you checked "redirect all traffic through VPN" on OpenVPN server.

    Now as far as communicating between my computer and other computers on the OPT network that the VPN is tunneled to do I have to create rules that allow for communication between the VPN interface and the OPT network Yes or does the pfSense treat the VPN'd computer as being on the OPT network? No

    Does that make sense?

    Thanks in advance!


Log in to reply