Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Site to site with only main site static?

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 3 Posters 935 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      source
      last edited by

      Is it possible and if so, can someone point me in the right direction,  to setup a site to site vpn with only the main site having a static ip address and dns. I have a customer that tried getting a static ip for their remote site and ATT said it couldn't be done from that particular location. I don't know if the stores in that mall are sharing some config.  The site does have access to the main site and the clients are attaching to pfsense via openvpn but its all manual. I'd like to setup a firewall(pfsense) to do a site to site, shared key config.

      thanks!

      1 Reply Last reply Reply Quote 0
      • B
        BeerCan
        last edited by

        I do it all the time.  Make the server on the main site and on the remote machines just add a client with the shared key config.

        2014-08-20_120617.jpg_thumb
        2014-08-20_120617.jpg
        2014-08-20_120256.jpg_thumb
        2014-08-20_120256.jpg

        1 Reply Last reply Reply Quote 0
        • S
          Spiffster
          last edited by

          Yeah, only the OpenVPN server needs to be static, or can even be dynamic using a dynamic DNS address. All the OpenVPN client needs is the address of the OpenVPN server (IP or DNS), along with the shared key and a few other settings of course.

          1 Reply Last reply Reply Quote 0
          • S
            source
            last edited by

            Awesome thanks guys.  So for each client. I can use the shared key but will this work for another router/pfsense appliance at the remote site and have the remote clients route their traffic through that router?

            thanks

            1 Reply Last reply Reply Quote 0
            • S
              Spiffster
              last edited by

              AFAIK you can only have one OpenVPN Server and one OpenVPN Client pair using the shared key method. You can have multiple Server/Client pairs for each remote network though, if that makes sense. The remote computers will just need to use the pfSense fw running the OpenVPN Client as their gateway, that or you would need to setup a static route on each remote PC.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.