Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multiple VPN Network on single Pfsense! How to access all network ?

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 3 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cosego
      last edited by

      hello, i need some help with a network. i configure a pfsense as a vpn server and multiple pfsense as open vpn clients and a single open vpn server to access it from a remote pc in order to have access on every edge of the network. currently from that pc i have only access on the pfsense that every network is connected on it but i cant access the other networks. i tryed multiple static routes with no luck! i have a network diagram to help you understand what im trying to accomplish. i want to be able to access all the other network from the pc on 192.168.4.0/24 tunnel network.

      Thanks!

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        well what is the routes you get on your laptop?  Do you set default route out the tunnel from the laptop?

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          Can you easily renumber the end LANs?  What you have will work but there's a better way.

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • C
            cosego
            last edited by

            The issue is that i cant from 192.168.4.0/24 vpn network to any network except the one that the vpn is connected on! So i cant connect from laptop on 192.168.4.6 to 192.168.30.6! i added the  push "route 192.168.30.0 255.255.255.0"; on 192.168.4.0/24 server but the packet is going out to the main router and then stops! is there any way to add static route on pfsense to point the next hope via openvpn ?

            1 Reply Last reply Reply Quote 0
            • DerelictD
              Derelict LAYER 8 Netgate
              last edited by

              No.  You add routes and iroutes to OpenVPN and it adds them to the routing table as necessary.

              I'm asking if you can renumber because it would be easier to do (and reduce your chance of a collision with another network) if you were to number your LANs something like:

              172.26.48.0/24
              172.26.49.0/24
              172.26.50.0/24
              172.26.51.0/24
              172.26.52.0/24

              Then, to every site, you would push a route to 172.26.48.0/28

              Then, in your client-specific overrides on the main site, you would iroute the appropriate LAN network to the appropriate client.

              And on all your OpenVPN rule tabs, if you want everyone to be able to access everything, you would pass all traffic from 172.26.48.0/28

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.