Site-2-Site link don't want to use a "tunnel network"



  • Hello,

    i'm using openvpn since over 10 years now. i have a lot of self serviced centos based Firewalls out there. all the time for lan to lan links i use direct openvpn Connections with the OVPN option "ifconfig 'local-internal-ip' 'remote-internal-ip' for not needing a tunnel / Transport Network with the /30 mask. pfSense works fine this way on a Client side, i have running two of them now. Now it's time to Setup pfSense on the Server side, but i can't find a way to configure a OpenVPN Server without Setting an 'ipv4 tunnel network'.

    any help or suggestions are very welcomed. and thanks for all the work on this great Firewall distro.

    Regards, Sven



  • i have found a way to not use the transport network (/30) by backing up the openvpn part of the config, manual removing the "tunnel-network" part and adding "<custom_options>ifconfig 10.168.71.251 192.168.71.251</custom_options>" and then restoring openvpn config

    that works, but if i want to change settings of this openvpn connection in the web gui, i allways get the error: "The following input errors were detected: The field Tunnel network is required." .. is there a way to mark this field optional?

    thanks for any help, sven



  • IPv4 tunnel network should probably be optional also because you might be doing pure IPv6, and in that case you would put an IPv6 tunnel network but no IPv4 tunnel network.
    The validation is in /usr/local/www/vpn_openvpn_server.php
    Look for:

    
    	if ($pconfig['dev_mode'] != "tap") {
    		$reqdfields[] = 'tunnel_network';
    		$reqdfieldsn[] = gettext('Tunnel network');
    	} else { ...
    
    

    That makes tunnel_network a required field.


Log in to reply