DHCP Relay over OpenVPN tunnel

  • I have a site-to-site VPN tunnel that works great, everyone can communicate properly. On the OpenVPN server side router, I have multiple VLANs each on their own subnet, and I have DHCP relay enabled pointing to my DHCP server. That works great too, each client gets an IP from the appropriate range.

    The problem comes in with my remote site on the other end of the OpenVPN tunnel. Even though I enable DHCP relay with the same settings pointed to the same server, no devices on the remote end can get an IP from the DHCP server. If manually assigned an IP they can ping the DHCP server, and can connect to other services on the DHCP server, but the DHCP relay is not working.

    Is there an additional setting I am missing to enable DHCP relay over the OpenVPN tunnel?

  • As I read more about this, it sounds like DHCP Relay may not be supported in TUN mode as I have it set up, and that I have to use TAP. Is DHCP Relay possible over TUN or am I trying to do something not supported?

    It may work (I haven't tried it) but keep in mind pfSense will originate the relay requests from the IP address of the tun interface in this case.

    I know for certain it doesn't work properly with IPsec.

    If you have a managed switch, check and see if it has an "IP Helper" or DHCP relay function and enable it there rather than on the firewall.
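To make the point in the reply above concrete, here is an added example (not code from the thread or from pfSense) that checks a relayed request the way a DHCP server or its firewall might see it. It assumes the relay sets giaddr to its client-facing interface address, as RFC 2131 relays do. The addresses, scopes, allow-list and function names are constructed for illustration.

```python
import ipaddress
import struct

# Fixed BOOTP header (RFC 951 / RFC 2131): op, htype, hlen, hops, xid, secs,
# flags, ciaddr, yiaddr, siaddr, giaddr, chaddr
BOOTP_HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s")


def parse_relayed_request(payload):
    """Return hops, giaddr and client MAC from a BOOTP/DHCP payload."""
    if len(payload) < BOOTP_HEADER.size:
        raise ValueError("payload shorter than the fixed BOOTP header")
    op, _htype, hlen, hops, _xid, _secs, _flags, _ci, _yi, _si, gi, chaddr = \
        BOOTP_HEADER.unpack_from(payload)
    if op != 1:
        raise ValueError("not a BOOTREQUEST")
    return {
        "hops": hops,
        "giaddr": ipaddress.IPv4Address(gi),
        "client_mac": chaddr[:min(hlen, 16)].hex(":"),
    }


def diagnose(src_ip, payload, scopes, allowed_relay_sources):
    """List reasons a DHCP server or its firewall might ignore this request."""
    req = parse_relayed_request(payload)
    src = ipaddress.IPv4Address(src_ip)
    findings = []
    if req["giaddr"].is_unspecified:
        findings.append("giaddr is 0.0.0.0: packet was not relayed")
    elif not any(req["giaddr"] in ipaddress.ip_network(s) for s in scopes):
        findings.append(f"no scope covers giaddr {req['giaddr']}")
    if src != req["giaddr"]:
        findings.append(f"source {src} differs from giaddr {req['giaddr']}")
    if not any(src in ipaddress.ip_network(n) for n in allowed_relay_sources):
        findings.append(f"source {src} is not an allowed relay source")
    return findings


# Constructed sample: a request relayed for remote LAN gateway 192.168.50.1
# but sent out of a tunnel interface addressed 10.8.0.2 (all values made up).
SAMPLE = BOOTP_HEADER.pack(
    1, 1, 6, 1, 0x1234ABCD, 0, 0, bytes(4), bytes(4), bytes(4),
    ipaddress.IPv4Address("192.168.50.1").packed,
    bytes.fromhex("02005e105001") + bytes(10))

if __name__ == "__main__":
    for line in diagnose("10.8.0.2", SAMPLE, ["192.168.50.0/24"], ["192.168.0.0/16"]):
        print(line)
```

Feeding it the UDP payload and source address from a capture taken on the DHCP server shows whether the tunnel address is what the server-side rules need to permit.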

