
    Rutear entre diferentes redes OpenVPN dentro del mismo PfSense

      MoKE

      Detalle

      Hola a todos. Les detallo mi inquietud:

      Tengo un PfSense con el que gestiono VPNs con OpenVPN. Dentro de ese servidor tengo funcionando dos VPNs en los siguientes rangos:

      VPN1: 192.168.15.0/24
      VPN2: 192.168.30.0/24

      Por cada una de estas VPNs tengo conectados 10 clientes.

      Lo que yo necesito es que todos los clientes puedan conectarse entre sí. Un ejemplo puede ser…

      Cliente IP 192.168.15.100 <-- puedan verse entre ellos --> Cliente IP 192.168.30.100

      Realmente no sé cómo puedo hacerlo.

      Les adjunto las configuraciones de las dos instancias de servidores OpenVPN...

      Servidor con IP 15

      
      # OpenVPN server instance 1 as posted: routed (tun) mode, TCP port 443,
      # tunnel network 192.168.15.0/24.
      dev ovpns1
      dev-type tun
      dev-node /dev/tun1
      writepid /var/run/openvpn_server1.pid
      # NOTE(review): user/group are commented out, so the daemon does not drop
      # privileges after start-up and keeps the account it was launched under.
      #user nobody
      #group nobody
      # NOTE(review): level 3 allows passwords to be handed to scripts through
      # environment variables; confirm the up/down/tls-verify hooks need it.
      script-security 3
      daemon
      keepalive 10 60
      ping-timer-rem
      persist-tun
      persist-key
      proto tcp-server
      # NOTE(review): Blowfish has a 64-bit block, which exposes long-lived
      # sessions to birthday-bound (SWEET32-type) attacks. An AES-based cipher
      # is the usual replacement; server and clients must change together.
      cipher BF-CBC
      up /usr/local/sbin/ovpn-linkup
      down /usr/local/sbin/ovpn-linkdown
      # Listening address redacted by the poster.
      local x.x.x.x
      tls-server
      server 192.168.15.0 255.255.255.0
      # client-config-dir appears twice in this file (see the last directive).
      client-config-dir /var/etc/openvpn-csc
      tls-verify /var/etc/openvpn/server1.tls-verify.php
      lport 443
      # Management interface on a unix socket with no password file given, so
      # access control rests on the socket's file permissions.
      management /var/etc/openvpn/server1.sock unix
      max-clients 120
      # Traffic between clients of this instance is forwarded inside OpenVPN
      # and never reaches the tun interface, so host firewall rules do not
      # filter it.
      client-to-client
      ca /var/etc/openvpn/server1.ca
      cert /var/etc/openvpn/server1.cert
      key /var/etc/openvpn/server1.key
      # NOTE(review): the file name suggests 1024-bit Diffie-Hellman
      # parameters, below current recommendations; use 2048 bits or more.
      dh /etc/dh-parameters.1024
      # Static HMAC key on the TLS control channel; direction 0 on the server,
      # so clients presumably use direction 1.
      tls-auth /var/etc/openvpn/server1.tls-auth 0
      # NOTE(review): compression inside the tunnel can leak plaintext through
      # ciphertext length (VORACLE-type attacks); consider disabling it on
      # both ends.
      comp-lzo
      # NOTE(review): second client-config-dir; presumably this later value
      # replaces /var/etc/openvpn-csc - verify. The path is under
      # /usr/local/www, which looks like the web GUI document root: confirm
      # the per-client files are not served over HTTP and are root-writable only.
      client-config-dir /usr/local/www/ccd
      
      

      Servidor con IP 30

      
      # OpenVPN server instance 3 as posted: routed (tun) mode, UDP port 1194,
      # tunnel network 192.168.30.0/24.
      dev ovpns3
      dev-type tun
      dev-node /dev/tun3
      writepid /var/run/openvpn_server3.pid
      # NOTE(review): user/group are commented out, so the daemon does not drop
      # privileges after start-up and keeps the account it was launched under.
      #user nobody
      #group nobody
      # NOTE(review): level 3 allows passwords to be handed to scripts through
      # environment variables; confirm the up/down/tls-verify hooks need it.
      script-security 3
      daemon
      keepalive 10 60
      ping-timer-rem
      persist-tun
      persist-key
      proto udp
      # NOTE(review): Blowfish has a 64-bit block, which exposes long-lived
      # sessions to birthday-bound (SWEET32-type) attacks. An AES-based cipher
      # is the usual replacement; server and clients must change together.
      cipher BF-CBC
      up /usr/local/sbin/ovpn-linkup
      down /usr/local/sbin/ovpn-linkdown
      # Listening address redacted by the poster.
      local x.x.x.x
      tls-server
      server 192.168.30.0 255.255.255.0
      # client-config-dir appears twice in this file (see the last directive).
      client-config-dir /var/etc/openvpn-csc
      tls-verify /var/etc/openvpn/server3.tls-verify.php
      lport 1194
      # Management interface on a unix socket with no password file given, so
      # access control rests on the socket's file permissions.
      management /var/etc/openvpn/server3.sock unix
      max-clients 20
      # Traffic between clients of this instance is forwarded inside OpenVPN
      # and never reaches the tun interface, so host firewall rules do not
      # filter it.
      client-to-client
      ca /var/etc/openvpn/server3.ca
      cert /var/etc/openvpn/server3.cert
      key /var/etc/openvpn/server3.key
      # NOTE(review): the file name suggests 1024-bit Diffie-Hellman
      # parameters, below current recommendations; use 2048 bits or more.
      dh /etc/dh-parameters.1024
      # Static HMAC key on the TLS control channel; direction 0 on the server,
      # so clients presumably use direction 1.
      tls-auth /var/etc/openvpn/server3.tls-auth 0
      # NOTE(review): compression inside the tunnel can leak plaintext through
      # ciphertext length (VORACLE-type attacks); consider disabling it on
      # both ends.
      comp-lzo
      # NOTE(review): second client-config-dir; presumably this later value
      # replaces /var/etc/openvpn-csc - verify. The path is under
      # /usr/local/www, which looks like the web GUI document root: confirm
      # the per-client files are not served over HTTP and are root-writable only.
      client-config-dir /usr/local/www/ccd
      
      

      Muchas gracias a todos por los comentarios.  :)

        MoKE

        Hola, nuevamente. Encontré la solución (gracias a un compañero que está más lúcido que yo). Espero que les sirva a muchos.

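        Observen cómo me quedaron las configuraciones de ambos servidores: el único cambio es la línea push "route …" añadida al final de cada una, que anuncia a los clientes de una VPN la subred de la otra.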

        Saludos!

        Servidor con IP 15

        
        # OpenVPN server instance 1, working version: same as the first
        # listing plus a pushed route to the other instance's subnet.
        dev ovpns1
        dev-type tun
        dev-node /dev/tun1
        writepid /var/run/openvpn_server1.pid
        # NOTE(review): user/group are commented out, so the daemon does not
        # drop privileges after start-up.
        #user nobody
        #group nobody
        # NOTE(review): level 3 allows passwords to be handed to scripts
        # through environment variables; confirm the hooks below need it.
        script-security 3
        daemon
        keepalive 10 60
        ping-timer-rem
        persist-tun
        persist-key
        proto tcp-server
        # NOTE(review): Blowfish has a 64-bit block (SWEET32-type birthday
        # attacks on long sessions); an AES-based cipher is the usual
        # replacement, changed on server and clients together.
        cipher BF-CBC
        up /usr/local/sbin/ovpn-linkup
        down /usr/local/sbin/ovpn-linkdown
        # Listening address redacted by the poster.
        local x.x.x.x
        tls-server
        server 192.168.15.0 255.255.255.0
        # client-config-dir appears twice in this file (see further down).
        client-config-dir /var/etc/openvpn-csc
        tls-verify /var/etc/openvpn/server1.tls-verify.php
        lport 443
        # Management interface on a unix socket with no password file given;
        # access control rests on the socket's file permissions.
        management /var/etc/openvpn/server1.sock unix
        max-clients 120
        # Covers only traffic between clients of this same instance, which is
        # forwarded inside OpenVPN and not filtered by host firewall rules.
        client-to-client
        ca /var/etc/openvpn/server1.ca
        cert /var/etc/openvpn/server1.cert
        key /var/etc/openvpn/server1.key
        # NOTE(review): the file name suggests 1024-bit Diffie-Hellman
        # parameters; use 2048 bits or more.
        dh /etc/dh-parameters.1024
        # Static HMAC key on the TLS control channel; direction 0 on the
        # server, so clients presumably use direction 1.
        tls-auth /var/etc/openvpn/server1.tls-auth 0
        # NOTE(review): compression inside the tunnel can leak plaintext
        # through ciphertext length (VORACLE-type attacks).
        comp-lzo
        # NOTE(review): second client-config-dir; presumably this later value
        # replaces /var/etc/openvpn-csc - verify. The path is under
        # /usr/local/www, which looks like the web GUI document root: confirm
        # the per-client files are not served over HTTP.
        client-config-dir /usr/local/www/ccd

        # The fix: every client of this instance is told to send traffic for
        # 192.168.30.0/24 (the other instance) into the tunnel. That traffic
        # leaves OpenVPN and is routed by the host between the two tun
        # devices. NOTE(review): nothing in this file limits which clients
        # may reach the other VPN; presumably the host firewall rules on the
        # OpenVPN interfaces are the place to restrict it - verify.
        push "route 192.168.30.0 255.255.255.0"
        
        

        Servidor con IP 30

        
        # OpenVPN server instance 3, working version: same as the first
        # listing plus a pushed route to the other instance's subnet.
        dev ovpns3
        dev-type tun
        dev-node /dev/tun3
        writepid /var/run/openvpn_server3.pid
        # NOTE(review): user/group are commented out, so the daemon does not
        # drop privileges after start-up.
        #user nobody
        #group nobody
        # NOTE(review): level 3 allows passwords to be handed to scripts
        # through environment variables; confirm the hooks below need it.
        script-security 3
        daemon
        keepalive 10 60
        ping-timer-rem
        persist-tun
        persist-key
        proto udp
        # NOTE(review): Blowfish has a 64-bit block (SWEET32-type birthday
        # attacks on long sessions); an AES-based cipher is the usual
        # replacement, changed on server and clients together.
        cipher BF-CBC
        up /usr/local/sbin/ovpn-linkup
        down /usr/local/sbin/ovpn-linkdown
        # Listening address redacted by the poster.
        local x.x.x.x
        tls-server
        server 192.168.30.0 255.255.255.0
        # client-config-dir appears twice in this file (see further down).
        client-config-dir /var/etc/openvpn-csc
        tls-verify /var/etc/openvpn/server3.tls-verify.php
        lport 1194
        # Management interface on a unix socket with no password file given;
        # access control rests on the socket's file permissions.
        management /var/etc/openvpn/server3.sock unix
        max-clients 20
        # Covers only traffic between clients of this same instance, which is
        # forwarded inside OpenVPN and not filtered by host firewall rules.
        client-to-client
        ca /var/etc/openvpn/server3.ca
        cert /var/etc/openvpn/server3.cert
        key /var/etc/openvpn/server3.key
        # NOTE(review): the file name suggests 1024-bit Diffie-Hellman
        # parameters; use 2048 bits or more.
        dh /etc/dh-parameters.1024
        # Static HMAC key on the TLS control channel; direction 0 on the
        # server, so clients presumably use direction 1.
        tls-auth /var/etc/openvpn/server3.tls-auth 0
        # NOTE(review): compression inside the tunnel can leak plaintext
        # through ciphertext length (VORACLE-type attacks).
        comp-lzo
        # NOTE(review): second client-config-dir; presumably this later value
        # replaces /var/etc/openvpn-csc - verify. The path is under
        # /usr/local/www, which looks like the web GUI document root: confirm
        # the per-client files are not served over HTTP.
        client-config-dir /usr/local/www/ccd

        # The fix: every client of this instance is told to send traffic for
        # 192.168.15.0/24 (the other instance) into the tunnel. That traffic
        # leaves OpenVPN and is routed by the host between the two tun
        # devices. NOTE(review): nothing in this file limits which clients
        # may reach the other VPN; presumably the host firewall rules on the
        # OpenVPN interfaces are the place to restrict it - verify.
        push "route 192.168.15.0 255.255.255.0"
        
        