Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Remote Access to pfsense behind corporate firewall

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      grub3r
      last edited by

      Hi guys!

      OK, first of all, I have never used pfsense before..
      but I see potential which we can use here.

      Requirement is to get mobile users access the lan-resources behind corporate firewall by using OpenVPN remote access with pfsense placed behind this corporate firewall.

      inet->public-firewall-lan(resources/pfsense)

      where PFsense is configured with lan-ip on wan interface

      I've search and found some tutorials on how to setup tap-mode with pfsense but all are based on using both WAN and LAN-interfaces on pfsense, which would not suffice in our environment.
      (http://hardforum.com/showthread.php?t=1663797)

      have opened openvpn port in corp-firewall and get connection established but cannot ping/access LAN-resources.
      client get an IP from LAN-dhcp server thus having 2 default gateways configured
      one with local-gw and one with corp-firewall(that from dhcp-lease)  :o

      so here Im trying to figure this out but not luck.

      I also tried to change to tun-mode and get ip from pfsense but no fun..

      any help would be appreciated

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        So what is this corp firewall?  I ask because to be honest end pointing a vpn connection behind the edge is normally a bad idea, and just complicates the setup.

        I would suggest if you want to use openvpn to provide road warrior access that you swap out your corp firewall (it doesn't support vpn?) with pfsense and setup the vpn as it should be setup on the edge device.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • G
          grub3r
          last edited by

          @johnpoz:

          So what is this corp firewall?  I ask because to be honest end pointing a vpn connection behind the edge is normally a bad idea, and just complicates the setup.

          I would suggest if you want to use openvpn to provide road warrior access that you swap out your corp firewall (it doesn't support vpn?) with pfsense and setup the vpn as it should be setup on the edge device.

          Hi there!

          the firewall is a dell sonicwall which does not support more then one ssl-vpn client at a time…

          which brings us to same question on how to achieve that.
          forumers had written that they have had or have same setup but none writes on how to actually achieve that.

          please advice!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.