Add pfSense in existing Network as VPN Gateway

  • Hi,

    I have a FritzBox which is connected to the internet. It serves the internet through WLAN and LAN which is

    Now I want to extend the home network with an OpenVPN connection. Unfortunately the FritzBox can't connect via OpenVPN as client to the datacenter. Good thing is, the FritzBox can be configured to know about additional static routes. This gave me the idea to configure a pfSense in order to connect to my datacenter via OpenVPN. This way I can tell the FritzBox to use the LAN IP of the pfSense as additional static route in order to extend the home network with the OpenVPN connection.

    In order to achieve this goal, I connected the WAN as well as the LAN interface via Ethernet to my FritzBox. WAN if got DHCP and LAN a static IP - both were in the same network

    Even though the pfSense itself had access to the internet through its WAN - it seemed like the pfSense was unable to serve internet to the clients behind its LAN interface. Is this because WAN and LAN share the same network?

    Thus far a great plan in my eyes … but somewhere it lacks, cause the routing seems to fail?!

    Any idea how to solve this?

  • hi.

    You have to configure your LAN A port on the FritzBox as "exposed host". Then you have to connect your pfSense on that port.
    Then you have to give your pfSense an IP in the subnet of the FritzBox (gateway and DNS server are the FritzBox).
    Next you can check the internet connection with your pfSense. Then you have to create a dynamic DNS account for VPN connect, if you haven't a fixed IP address from your provider.
    The last step is to create the OpenVPN server on pfSense.

  • Hi,

    Thanks for your reply, but either you read my question too quickly, or I didn't express myself well enough ;)
    I don't want to provide an OpenVPN Server, neither do I want to make pfSense the "master-router" at home. I already have an OpenVPN server in the datacenter. Now I want to connect to the OpenVPN server from home. At home I have a FritzBox which I want to leave as master router.

    • My FritzBox is now feeding my pfSense's WAN via Ethernet ==> pf-WAN: (DHCP)

    • The pfSense is set up as OpenVPN client and has a successfully established connection to the datacenter.

    • The FritzBox has an additional entry in its static routing table, so that the FritzBox forwards datacenter-net-requests to pfSense.

    • The pfSense LAN "SHOULD" feed the FritzBox with the network of the datacenter ==> pf-LAN: (static)

    Even though the OpenVPN connection is successfully established and the FritzBox redirects requests correctly, it does not work. So I did some investigations and figured out that the pfSense is not even able to process any of my requests via LAN. It simply fails in being a gateway for requests from its LAN port. This may be because WAN and LAN lie in the same home network - and that's where my knowledge lacks and why I consulted the pfSense forum for advice.

    Best regards
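
Added example (not part of the thread, and not pfSense or FritzBox code): a Python check for the condition the last post suspects, two interfaces of one router sitting in the same network, and for whether a static route's next hop is unambiguous. The addresses, interface names and function names are constructed assumptions; the thread does not give the real values.

```python
import ipaddress
from itertools import combinations

# Constructed sample values; the thread does not state the real addresses.
INTERFACES = {
    "WAN": "192.168.178.50/24",  # DHCP lease from the home router (assumed)
    "LAN": "192.168.178.2/24",   # static address in the same home network (assumed)
    "OVPN": "10.8.0.6/24",       # tunnel address (assumed)
}
# Static route as entered on the home router: (destination, next hop), assumed.
HOME_ROUTER_ROUTES = [("10.20.0.0/16", "192.168.178.2")]


def overlapping_interfaces(interfaces):
    """Return sorted name pairs whose directly connected networks overlap."""
    nets = {n: ipaddress.ip_interface(a).network for n, a in interfaces.items()}
    return sorted((a, b) for a, b in combinations(sorted(nets), 2)
                  if nets[a].overlaps(nets[b]))


def owners_of(address, interfaces):
    """Return the interfaces whose connected network contains the address."""
    ip = ipaddress.ip_address(address)
    return sorted(n for n, a in interfaces.items()
                  if ip in ipaddress.ip_interface(a).network)


def audit(interfaces, routes):
    """Collect findings for overlapping interfaces and ambiguous next hops."""
    findings = []
    for a, b in overlapping_interfaces(interfaces):
        findings.append(f"{a} and {b} share a network: the routing table holds "
                        f"two connected routes for one prefix")
    for dest, gw in routes:
        owners = owners_of(gw, interfaces)
        if len(owners) > 1:
            findings.append(f"route {dest} via {gw}: next hop sits on {owners}")
        elif not owners:
            findings.append(f"route {dest} via {gw}: next hop is on no connected network")
    return findings


if __name__ == "__main__":
    for line in audit(INTERFACES, HOME_ROUTER_ROUTES):
        print(line)
```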
