How to Route PFSense-openvpn Tunnel Network



  • I created five OpenVPN servers in pfSense, each using a different tunnel network. I want to route each network so that clients can connect to each other even if they are not using the same server. Any ideas?



  • Enter the tunnel network of each other VPN server in "IPv4 Local Network/s" field of each server config (comma-separated) to get the routes pushed to clients and permit traffic on the interface.



  • Works like a charm bro!!

    Thanks a lot.
    What if I have 2 pfSense with OpenVPN servers? How do I route them?

    Ex.

    PFsense 1
    Openvpn1A:  10.10.10.0/24
    Openvpn1B:  10.10.20.0/24

    PFsense 2
    Openvpn2A:  10.20.10.0/24
    Openvpn2B:  10.20.20.0/24

    How do I configure them to route Openvpn1A to Openvpn2B and Openvpn1B to Openvpn2A?



  • You also need to add the subnets to "IPv4 Local Network/s". Each subnet entered here is routed over the VPN on the client side.

    In addition you have to route the traffic between the pfSense. Presuming both are in the same LAN, add a gateway in System > Routing: select the LAN interface, enter a name and the LAN address of the other pfSense, don't check default gateway (monitoring can be disabled), and save the settings. Then go to the Routes tab and add a route for each tunnel subnet set at the other VPN server to use the new gateway.
    Ensure that your rules on the LAN and OpenVPN interfaces permit the traffic.



  • @viragomann:

    In addition you have to route the traffic between the pfSense.

    In the pfSense "Static Routes" documentation I read:
    "Never add static routes for networks reachable via OpenVPN. Such routes are managed by OpenVPN itself using Remote Network definitions, not static routes."

    Maybe I don't understand your answer? :/



  • In this case the static route doesn't depend on an OpenVPN connection. The route goes to a static interface address of the other pfSense.
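
The plan described in this thread, worked through for the two-pfSense example as an added illustration (not code from any poster or from pfSense): it derives each server's "IPv4 Local Network/s" value, the OpenVPN `push "route ..."` directives those entries correspond to, and the static routes each firewall needs toward the other's LAN address. The LAN addresses `192.168.1.1` and `192.168.1.2` and all function names are assumptions; it lists every other tunnel network, so the firewall rules remain the place to limit which pairs may actually talk.

```python
import ipaddress
from itertools import combinations

# Topology from the thread's example. The LAN addresses are assumed
# placeholders: the thread does not give them.
FIREWALLS = {
    "pfSense1": {"lan_ip": "192.168.1.1",
                 "servers": {"Openvpn1A": "10.10.10.0/24",
                             "Openvpn1B": "10.10.20.0/24"}},
    "pfSense2": {"lan_ip": "192.168.1.2",
                 "servers": {"Openvpn2A": "10.20.10.0/24",
                             "Openvpn2B": "10.20.20.0/24"}},
}

def tunnels(firewalls):
    """Map every OpenVPN server name to its parsed tunnel network."""
    return {name: ipaddress.ip_network(cidr)
            for fw in firewalls.values()
            for name, cidr in fw["servers"].items()}

def check_no_overlap(firewalls):
    """Overlapping tunnel networks cannot be routed unambiguously."""
    for (a, net_a), (b, net_b) in combinations(tunnels(firewalls).items(), 2):
        if net_a.overlaps(net_b):
            raise ValueError(f"{a} ({net_a}) overlaps {b} ({net_b})")

def local_networks(firewalls, server):
    """Comma-separated value for the server's "IPv4 Local Network/s" field."""
    return ",".join(str(net) for name, net in tunnels(firewalls).items()
                    if name != server)

def pushed_routes(firewalls, server):
    """OpenVPN push directives equivalent to that field's entries."""
    return [f'push "route {net.network_address} {net.netmask}"'
            for name, net in tunnels(firewalls).items() if name != server]

def static_routes(firewalls, fw_name):
    """(subnet, gateway) pairs: the other firewall's tunnels via its LAN IP."""
    return [(cidr, other["lan_ip"])
            for name, other in firewalls.items() if name != fw_name
            for cidr in other["servers"].values()]

if __name__ == "__main__":
    check_no_overlap(FIREWALLS)
    for fw_name, fw in FIREWALLS.items():
        for server in fw["servers"]:
            print(f"{fw_name}/{server}:", local_networks(FIREWALLS, server))
        for subnet, gw in static_routes(FIREWALLS, fw_name):
            print(f"{fw_name} static route: {subnet} via {gw}")
```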

