Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Remote Access to pfsense behind corporate firewall

    OpenVPN
    2
    3
    882
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      grub3r last edited by

      Hi guys!

      OK, first of all, I have never used pfsense before..
      but I see potential which we can use here.

      Requirement is to get mobile users access the lan-resources behind corporate firewall by using OpenVPN remote access with pfsense placed behind this corporate firewall.

      inet->public-firewall-lan(resources/pfsense)

      where PFsense is configured with lan-ip on wan interface

      I've search and found some tutorials on how to setup tap-mode with pfsense but all are based on using both WAN and LAN-interfaces on pfsense, which would not suffice in our environment.
      (http://hardforum.com/showthread.php?t=1663797)

      have opened openvpn port in corp-firewall and get connection established but cannot ping/access LAN-resources.
      client get an IP from LAN-dhcp server thus having 2 default gateways configured
      one with local-gw and one with corp-firewall(that from dhcp-lease)  :o

      so here Im trying to figure this out but not luck.

      I also tried to change to tun-mode and get ip from pfsense but no fun..

      any help would be appreciated

      1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator last edited by

        So what is this corp firewall?  I ask because to be honest end pointing a vpn connection behind the edge is normally a bad idea, and just complicates the setup.

        I would suggest if you want to use openvpn to provide road warrior access that you swap out your corp firewall (it doesn't support vpn?) with pfsense and setup the vpn as it should be setup on the edge device.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        2440 2.4.5p1 | 2x 3100 2.4.4p3 | 2x 3100 22.01 | 4860 22.05

        1 Reply Last reply Reply Quote 0
        • G
          grub3r last edited by

          @johnpoz:

          So what is this corp firewall?  I ask because to be honest end pointing a vpn connection behind the edge is normally a bad idea, and just complicates the setup.

          I would suggest if you want to use openvpn to provide road warrior access that you swap out your corp firewall (it doesn't support vpn?) with pfsense and setup the vpn as it should be setup on the edge device.

          Hi there!

          the firewall is a dell sonicwall which does not support more then one ssl-vpn client at a time…

          which brings us to same question on how to achieve that.
          forumers had written that they have had or have same setup but none writes on how to actually achieve that.

          please advice!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post