Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Client - pfSense - pfSense

    Scheduled Pinned Locked Moved
    OpenVPN
    3
    4
    1.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yayaasd
      last edited by

      Hi Guys,

      i have a new challenge for pfSense and OpenVPN:

      We got 2 pfSense:

      • pfSense A

      • OpenVPN Server
            Tunnel Network: 172.16.0.0/24
            Local Network: 10.0.0.0/8

      • OpenVPN Client to pfSense B

      • pfSense B

      • OpenVPN Server
            Tunnel Network: 172.16.1.0/24
            Local Network: 10.1.0.0/16

      What i should be able to do:

      Connect via OpenVPN to pfSense A and be able to access both Networks (pfSense A & B).

      How would you takle this? Any Ideas?
      I tried already a few things, but think that was not right.

      thx for your help

      1 Reply Last reply Reply Quote 1
      • M
        marvosa
        last edited by

        You want to set up a site to site tunnel, but you have fix a couple things first:

        • The tunnel network has to be on the same subnet

        • Your LAN subnets overlap.  This needs to be fixed before moving forward

        1 Reply Last reply Reply Quote 0
        • P
          phil.davis
          last edited by

          You are having a "road warrior" server at Site A to "dial-in", then a site-to-site link from an OpenVPN client at site A to an OpenVPN server at site B.
          The tunnel network for "road warrior" and "site-to-site" have to be different subnets - what is in the original post is fine. (I think marvosa has misread your post, as I did when I first looked at it quickly)
          The local network at site A and site B have to be different and not overlapping. e.g. 10.0.0.0/16 and 10.1.0.0/16
          Then it is all standard stuff, no real challenge for pfSense. Put the appropriate things in local and remote network fields of the VPN settings, allow stuff in firewall rules, go.

          As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
          If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

          1 Reply Last reply Reply Quote 0
          • Y
            yayaasd
            last edited by

            @phil.davis:

            You are having a "road warrior" server at Site A to "dial-in", then a site-to-site link from an OpenVPN client at site A to an OpenVPN server at site B.
            The tunnel network for "road warrior" and "site-to-site" have to be different subnets - what is in the original post is fine. (I think marvosa has misread your post, as I did when I first looked at it quickly)
            The local network at site A and site B have to be different and not overlapping. e.g. 10.0.0.0/16 and 10.1.0.0/16
            Then it is all standard stuff, no real challenge for pfSense. Put the appropriate things in local and remote network fields of the VPN settings, allow stuff in firewall rules, go.

            All right, it mean that i`m on the right way to apply this. i will give it another try and may also check the firewall settings - the problem could be there..
            many Thanks!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.