Hi Jeppe
The problem i have is with the client server connect we have to another
office. Pfsense connects authenticates and functions perfectly for
itself. I can access and ping etc etc al over the other network without
any issues. The problem is when on a machine in the client office I
cannot see the other network and dont seem to have any ability to set
rules on tun0 which is the interface to allow traffic through. I am sure
it can be done and I am just missing a point. With our firewall we
block everything coming in on the WAN and alow everything out on the
LAN, so I cant see issues there as the logs show no problems. I would
appreciate immensly any hints as it is ruining an otherwise brilliant
solution for us.
regards
paul
Jeppe Øland wrote:
Hi Paul,
As far as I remember, I didn't have to do anything to get the 2 sites
talking to each other.
The problems I had was in allowing the client to go out to the
Internet again via the tunnel. For this you need to turn on the
advanced outbound NAT and add an entry for the VPN local IP range.
You are having problems even with office<->office comms?
I agree its a pity the documentation is so sparse ... I guess we
should add to it :-)
Regards,
-Jeppe
2008/2/7 graham <[EMAIL PROTECTED]>:
Hi Jeppe
Thanks for the reply.
Yes I meant a client office, I had it set up and functioning (ping trace
route etc from the firewall) but nothing from the client netwrok. As
soon as I added the tun0 nat entry in the rules file it worked.
unfortunatley it dies as soon as the riules refreshed.
I had a look at this file and it didnt actually get everything working ,
but will revisit. It is a pity that something automated in the
application takes a simple task and makes it like black magic.
regards
paul
Jeppe Øland wrote:
I'm not sure if by "client" you mean a mobile person, or a client office.
At any rate, this one describes both scenarios:
http://pfsense.untouchable.net/tutorials/openvpn/pfsense-ovpn.pdf
I had the extra requirement that the mobile clients needed internet
access via the OpenVPN tunnel as well.
For this to work I had to turn out the advanced outbound NAT.
Regards,
-Jeppe
On Feb 7, 2008 1:00 PM, graham <[EMAIL PROTECTED]> wrote:
Could someone please point me towards a sample of how to set up a client
to server connection which all the clients network can access the
servers network in openVPN and pfsense.
It is great that everything is automated etc etc but its really easier
to set manual firewall rules in a config file. I am sure I am not the
only one asking as I have seen this question posted many many times on
searches I have done but very few people give answers that work.
Oh ps great great app. This is amazing that i can rebuild my entire
corporate firewall in 30 after a hard drive failure on the same machine.
have a great day
paul
Scott Ullrich wrote:
On Feb 7, 2008 9:30 AM, Ugo Bellavance <[EMAIL PROTECTED]> wrote:
Hi,
Would it be possible to make bandwidthd listen on more than one
interface, like darkstats?
No. Check the known bugs section on source forge. Last time I
checked this was a known issue.
Scott
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
-----------------------------------------------------------------------------------------------
GD Consulting srl
Via della Giustizia, 10/B
20125 Milano (MI) - Italy
Web: http://www.gdconsulting.it - Email: [EMAIL PROTECTED]
Tel: +39-02.6710.1331 - Fax: +39.02.6707.8798
Ai sensi del D.L. n. 196/2003 e successive modifiche/integrazioni le
informazioni contenute in questo messaggio di posta elettronica sono riservate
e per uso esclusivo del destinatario.
Qualsiasi pubblicazione, utilizzo o diffusione anche parziale dello stesso non
può essere effettuata senza autorizzazione e potrebbe costituire un illecito
penale. Qualora non siate tra i legittimi destinatari di questa e-mail Vi
preghiamo cortesemente di cancellarla dal sistema dopo aver notificato al
mittente, rispondendo alla comunicazione, l'errore da questi commesso.
-----------------------------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
-----------------------------------------------------------------------------------------------
GD Consulting srl
Via della Giustizia, 10/B
20125 Milano (MI) - Italy
Web: http://www.gdconsulting.it - Email: [EMAIL PROTECTED]
Tel: +39-02.6710.1331 - Fax: +39.02.6707.8798
Ai sensi del D.L. n. 196/2003 e successive modifiche/integrazioni le
informazioni contenute in questo messaggio di posta elettronica sono riservate
e per uso esclusivo del destinatario.
Qualsiasi pubblicazione, utilizzo o diffusione anche parziale dello stesso non
può essere effettuata senza autorizzazione e potrebbe costituire un illecito
penale. Qualora non siate tra i legittimi destinatari di questa e-mail Vi
preghiamo cortesemente di cancellarla dal sistema dopo aver notificato al
mittente, rispondendo alla comunicazione, l'errore da questi commesso.
-----------------------------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
-----------------------------------------------------------------------------------------------
GD Consulting srl
Via della Giustizia, 10/B
20125 Milano (MI) - Italy
Web: http://www.gdconsulting.it - Email: [EMAIL PROTECTED]
Tel: +39-02.6710.1331 - Fax: +39.02.6707.8798
Ai sensi del D.L. n. 196/2003 e successive modifiche/integrazioni le
informazioni contenute in questo messaggio di posta elettronica sono riservate
e per uso esclusivo del destinatario.
Qualsiasi pubblicazione, utilizzo o diffusione anche parziale dello stesso non può essere effettuata senza autorizzazione e potrebbe costituire un illecito penale. Qualora non siate tra i legittimi destinatari di questa e-mail Vi preghiamo cortesemente di cancellarla dal sistema dopo aver notificato al mittente, rispondendo alla comunicazione, l'errore da questi commesso. -----------------------------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
