    OpenVPN - Site-to-Site - Clients Connectivity

    • F
      fgmoyses last edited by

      Hi,

      I have OpenVPN configured between three sites:

      CONFIG DETAILS

      Main Office - Server
      10.1.0.0/24

      Branch 01 - Client
      192.168.1.0/24

      Branch 02 - Client
      192.168.0.0/24

      SCENARIO

      The branch offices can connect to, ping and access resources at the Main Office (and vice versa).

      But I also need the branch offices (Branch 01 and Branch 02) to be able to connect to, ping and access resources at each other.
      What configuration do I need to do?

      Thanks

      Frederico.

      • D
        divsys last edited by

        You didn't mention which pfSense version you're using in all this?

        If this is the same configuration as your previous thread (https://forum.pfsense.org/index.php?topic=93729.msg520236#msg520236), then the simplest solution IMHO is to change your setup slightly so that the HO has only 1 OpenVPN server that handles both BrO1 and BrO2.

        You tell the OpenVPN server about all the remote networks in a comma separated list entered in "IPv4 Local Network/s" (192.168.1.0/24, 192.168.0.0/24 in your case).
        You use the Client Specific Configurations on the server to specify which remote network gets routed to which client (this has to be currently working or your dual server setup wouldn't be working now).

        The BrO1 and BrO2 clients both connect to the same HO OpenVPN server and the CSC settings make sure things are routed where they need to go.  The server hands out all external routes to both clients so they understand how to get to each other's networks (through the server).

        The only other way is to set up, say, BrO1 as its own additional OpenVPN server and add a client from BrO2 to BrO1.

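The single-server layout described in the answer above, written out as the OpenVPN directives it corresponds to. This is an added example, not part of either post and not pfSense's generated configuration; the tunnel network 10.8.0.0/24, the CSC directory path and the client names branch01/branch02 are assumptions.

```conf
# ---- Main Office (HO) server: one instance serving both branches ----
dev tun
topology subnet
server 10.8.0.0 255.255.255.0            # tunnel network (assumed, not on the page)
client-config-dir /path/to/csc           # placeholder path for per-client files

# Kernel routes on the HO firewall: both branch LANs live behind the tunnel
route 192.168.1.0 255.255.255.0          # Branch 01 LAN
route 192.168.0.0 255.255.255.0          # Branch 02 LAN

# Routes handed to every connecting client, so each branch learns
# how to reach the HO LAN and the other branch through the server
push "route 10.1.0.0 255.255.255.0"      # Main Office LAN
push "route 192.168.1.0 255.255.255.0"   # Branch 01 LAN
push "route 192.168.0.0 255.255.255.0"   # Branch 02 LAN

# 'client-to-client' is deliberately left out: branch-to-branch packets
# then leave the tunnel on the HO host and are routed back in, so the
# HO firewall rules still decide what one branch may reach in the other.

# ---- /path/to/csc/branch01  (file name = client certificate CN, assumed) ----
# Tells the OpenVPN process which connected client owns this subnet
iroute 192.168.1.0 255.255.255.0

# ---- /path/to/csc/branch02 ----
iroute 192.168.0.0 255.255.255.0
```

A `route` line without the matching `iroute` gets the packet into the OpenVPN process but not out to a client, so a missing or misnamed CSC file is the first thing to check when one branch is unreachable.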