Allow OpenVPN client on one site access resources on a secondary site



  • Hi all,
    will greatly appreciate your help.

    i have a simple setup:

    pfSense1 : has remote access openvpn (for clients accessing network resources) 172.1.1.0/24
    pfSense2: has a website running on the lan (with a whitelist for external clients) 172.2.2.0/24

    the two firewalls are bridged (site to site openvpn) with an IP limit (172.1.1.1 -> 172.2.2.1)

    the clients on pfSense1 can access the network with no issue (172.1.1.0/24)
    but i need them to also be able to access resources on 172.2.2.0/24

    how can that be achieved ?



  • Hi,
    go to the VPN configuration on pfSense1 and enter the network you want to access (172.2.2.0/24) in the field "IPv4 Remote Network/s".



  • did you mean "IPv4 Local Network/s" ?
    I tried that, but no success.



  • I see, pfSense1 is your VPN server and pfSense2 is the client. It would be much easier if it were reversed.

    If pfSense is the server, it will be necessary to assign an interface to the VPN server, than add a gateway using this interface and add a static route to route the traffic to 172.2.2.0/24 over it.



  • pfsense1 is a vpn server for remote access.
    pfsense2 is a vpn server for site to site.


Log in to reply