Hi, I have set up an OpenVPN server in a network 192.168.1.0/24 and a client in a network 192.168.10.0/24. Both are connected through a "tunnel network" whose interfaces (tun0 at both ends) have the POINTOPOINT interface flag set. I've set up both tun0's as dhcp and they get 10.0.8.1/24 at the server end and 10.0.8.2/24 at the client end of the tunnel. I've set up some NAT rules and static routes at both ends to be able to access machines in both subnets from each other. Works just fine.
I have a couple more sites that I want to connect to the same (OpenVPN) server. Here are my questions:

a) Is that possible at all? After all 10.0.8.0 is a /24.
b) Will the POINTOPOINT property prohibit a)?
c) In case a) is not possible because of b), will I have to set up another OpenVPN server that listens on UDP 1195, for instance, and set up another tunnel network to connect the next site?

I would really appreciate some pointers before running off in the wrong direction.

Cheers,
Raimund

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Ray
Sent: Friday, 25 November 2011 12:41
To: [email protected]
Subject: [pfSense] Layer 3 OpenVPN (tun) server: several site networks as clients possible?

Hi Raimund,

Last year I switched from IPSEC to OpenVPN with a PKI infrastructure. At this moment I've got 28 OpenVPN Site-to-Site clients connected to 1 OpenVPN server. So your answer is A!!! Make sure that you create a certificate for every location, so don't use the shared key option!

Good Luck,
Jochem
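
Added example, not part of the thread and not pfSense's own configuration: a plain OpenVPN configuration sketch of the layout described in the reply, one PKI-mode server with a separate certificate per site. The second site's LAN 192.168.20.0/24, the certificate common names site-a and site-b, the tunnel address 10.0.8.3 and all file names are assumptions.

```conf
# ---- server.conf (server-side LAN 192.168.1.0/24) ----
port 1194
proto udp
dev tun

# PKI mode: the server and every site hold their own certificate and key,
# all signed by one CA. No "secret" (shared key) directive is used.
ca   ca.crt
cert server.crt
key  server.key
dh   dh.pem

# Multi-client server mode on the tunnel network from the thread.
server 10.0.8.0 255.255.255.0
topology subnet

# Per-site settings are read from ccd/<certificate common name>.
client-config-dir ccd
# Refuse any client whose certificate has no matching file in ccd/.
ccd-exclusive

# Kernel routes on the server towards each site LAN.
route 192.168.10.0 255.255.255.0
route 192.168.20.0 255.255.255.0   # assumed second site

# Tell every site how to reach the server-side LAN.
push "route 192.168.1.0 255.255.255.0"

# ---- ccd/site-a (common name of the first site's certificate) ----
ifconfig-push 10.0.8.2 255.255.255.0
# Bind this LAN to this certificate inside OpenVPN's routing table.
iroute 192.168.10.0 255.255.255.0

# ---- ccd/site-b (assumed second site) ----
ifconfig-push 10.0.8.3 255.255.255.0
iroute 192.168.20.0 255.255.255.0
```

Because each `iroute` is tied to one certificate's common name, a site can only claim the LAN assigned to it, and a single site's certificate can be revoked without re-keying the others.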
