OpenVPN Bridge Layer2 Pfsense 2.2 Same Subnets



  • Hi,
    we would like to remove Vyatta stuff between our office and servers in datacenter.

    Everything is inherited from the past, so we have plenty of systems, and the IPs are all in the same network (192.168.12.0/24), with no rules between office and datacenter.
    Plenty of old servers, but still in production, and changing their IPs will probably cause plenty of trouble.

    So we need to set up a VPN between both in Layer 2, in order to connect the 2 parts, but with everything on the same network.

    We did an OpenVPN tunnel, TAP, Peer2peer Shared key, no virtual IP.
    It connects, no problem (OpenVPN status on both sides).

    Then we did bridges on both sides, with the LAN and OpenVPN interfaces.

    But we can't ping on the other side.

    There is an option in the OpenVPN server to choose a bridge to connect to, and even to allow or not DHCP through, but this is greyed out and there is no way to enable it in peer2peer (only in remote access with a PKI connection).

    We set up all firewalls on IPv4/6 * *, but I don't see what the firewall has to do with an L2 bridge.

    I am sure I do not understand something, so if anyone can help...

    lan office ------> LAN0      pfs1      WAN <--- INTERNET ---> WAN      pfs2      LAN1 <------ datacenter lan
    192.168.12.0/24    192.168.12.1        Public IP              Public IP    192.168.12.254     192.168.12.0/24
    gw 192.168.12.1                                                                               gw 192.168.12.254
                                  |                                         |
                                  | BRIDGE0                                 | BRIDGE1
                                  |                                         |
                                  OpenVPN0 <------------------------------> OpenVPN1
                                          TAP VPN P2P Shared, No Virtual IP

    Thanks,

    Klona