Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Remote Access to pfsense behind corporate firewall

    OpenVPN
    2
    3
    874
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      grub3r last edited by

      Hi guys!

      OK, first of all, I have never used pfsense before..
      but I see potential which we can use here.

      Requirement is to get mobile users access the lan-resources behind corporate firewall by using OpenVPN remote access with pfsense placed behind this corporate firewall.

      inet->public-firewall-lan(resources/pfsense)

      where PFsense is configured with lan-ip on wan interface

      I've search and found some tutorials on how to setup tap-mode with pfsense but all are based on using both WAN and LAN-interfaces on pfsense, which would not suffice in our environment.
      (http://hardforum.com/showthread.php?t=1663797)

      have opened openvpn port in corp-firewall and get connection established but cannot ping/access LAN-resources.
      client get an IP from LAN-dhcp server thus having 2 default gateways configured
      one with local-gw and one with corp-firewall(that from dhcp-lease)  :o

      so here Im trying to figure this out but not luck.

      I also tried to change to tun-mode and get ip from pfsense but no fun..

      any help would be appreciated

      1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator last edited by

        So what is this corp firewall?  I ask because to be honest end pointing a vpn connection behind the edge is normally a bad idea, and just complicates the setup.

        I would suggest if you want to use openvpn to provide road warrior access that you swap out your corp firewall (it doesn't support vpn?) with pfsense and setup the vpn as it should be setup on the edge device.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        Please don't Chat/PM me for help, unless mod related
        Read https://www.netgate.com/docs/pfsense/book/
        SG-2440 2.4.5p1 | 4x SG-3100 2.4.4p3 | SG-4860 21.05

        1 Reply Last reply Reply Quote 0
        • G
          grub3r last edited by

          @johnpoz:

          So what is this corp firewall?  I ask because to be honest end pointing a vpn connection behind the edge is normally a bad idea, and just complicates the setup.

          I would suggest if you want to use openvpn to provide road warrior access that you swap out your corp firewall (it doesn't support vpn?) with pfsense and setup the vpn as it should be setup on the edge device.

          Hi there!

          the firewall is a dell sonicwall which does not support more then one ssl-vpn client at a time…

          which brings us to same question on how to achieve that.
          forumers had written that they have had or have same setup but none writes on how to actually achieve that.

          please advice!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post

          Products

          • Platform Overview
          • TNSR
          • pfSense
          • Appliances

          Services

          • Training
          • Professional Services

          Support

          • Subscription Plans
          • Contact Support
          • Product Lifecycle
          • Documentation

          News

          • Media Coverage
          • Press
          • Events

          Resources

          • Blog
          • FAQ
          • Find a Partner
          • Resource Library
          • Security Information

          Company

          • About Us
          • Careers
          • Partners
          • Contact Us
          • Legal
          Our Mission

          We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

          Subscribe to our Newsletter

          Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

          © 2021 Rubicon Communications, LLC | Privacy Policy