Site to Site and Road warrior combined?
This a question from a new guy like me so bear with me. Currently I have setup openvpn for road warriors where users can connect to my main pfsense server and this is working great now recently we been opening a new branch and I am have already pfsense 2 on it and I am planning to to setup site to site vpn connection between this two servers. Is it possible to have this both site to site and road warrior setup combined? I want to achieve to make our main server capable of handling both road warrior users and at the same time our branch office pfsense server could connect to it as site to site client.
Hope someone here could advise me what to do.
what you want to do is no problem and should be fairly easy to setup.
you will need a different tunnel subnet then your roadwarriors and easiest would be that the remote location lan has a different subnet then the local lan subnet. (this to avoid routing issues)
other then that you just have to pick the method you'd like to provide encryption (shared key being the easiest)
I have found a howto that answer my inquiry. From this site –-> http://blog.stefcho.eu/?p=576
Thanks though for the response.
the difference on pfsense 2 between OpenVPN RoadWarrior and Site-to-Site is just the options in the GUI.
For a site-to-site connection you do not use Username/password so this option isn't available when selecting sito-to-site.
But the OpenVPN server is working the same - no matter if you selected site-to-site or RoadWarrior.
If you already found your answer - that's nice to hear and you can forget about my post :)
Thanks for the pointers.. I now going to test more with Openvpn with Pfsense and it was getting easier to setup unlike before.
Just another question I have some dilemma with hostname not resolving from remote connection from our main network where the vpn server resides. Though this can be accomplished with dns forwarder but I don't want to do this manually everytime I have a new hostname to resolve. I would like to resolve hostnames for my remote vpn users automatically. Please if you have any idea what will I do it would be a great help to me.
Try to use any pfsense LAN interface as DNS.
I am not sure how fast the names get resolved - this is something I am really not sure about the OpenVPN/DNS configuration.
Tried that it though I didn't wait that long enough. I ll just tried again if that works. Thanks