For each tunnel with different ip ranges it's neccessarry to use a unique OpenVPN server.
Because every tunnel in OpenVPN gets it's own interface you can route between the interfaces and also filter in them using the OpenVPN Tab in the firewall rules. For more fine grained web control you can define ovpnX as an Interface using the interfaces tab and then also use squid in this interface. I'n not award of any points why VoIP should not work... Good luck, Martin ;-) Am 26.02.2012 um 07:12 schrieb "[email protected]" <[email protected]>: > I am considering deploying pfSense using OpenVPN (site to site) to > interconnect a dozen offices to a main site. Each remote office will > have fewer than 10 connected IP devices. This setup may replace a > IPSec VPN's. My questions: > > 1, Assuming the main site is the OpenVPN server will each remote site > require a unique server process or can one server provide VPN's to all > the remote OpenVPN clients? > > 2. I need to restrict all network traffic between all sites to the > VPN's. No open internet access. Is this possible? > > 3. Each of the remote sites needs to be able to route to each other > but through the main site (hub-spoke). The primary need is because of > VOIP calls between the offices. Possible? > > Any insights or caveats are welcome. My apology if this is not the > correct forum for these questions. > > Regards, R > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list > _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
