OpenVPN works very well for site-to-site VPNs. However, until the pfSense 2.x version is out, there isn't any filtering capabilities on those links. If you need to do filtering between locations, you'll want to stick with IPSEC for now.
Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 ----- "Paul Borowicz" <[email protected]> wrote: > > I saw that OpenVPN allows that, I'm going to use OpenVPN for my dynamic > users, I prefer it to PPTP, but I've always used IPsec for static VPN's. I > now have Pfsense on both ends of most of my VPN's, is OpenVPN a good solution > for static site-to-site VPN's? > > Paul > > From: Tim Nelson [mailto:[email protected]] > Sent: Friday, March 06, 2009 8:23 PM > To: [email protected] > Subject: Re: [pfSense Support] VPN into a network allowing access to two > subnets? > > Use OpenVPN and push some routes out to your users. > > Tim Nelson > Systems/Network Support > Rockbochs Inc. > (218)727-4332 x105 > > ----- "Chuck Mariotti" <[email protected]> wrote: > > > > I have a similar situation it sounds like to Paul. Specifically, I would like to setup pfSense to allow access to a 10.10.10.1 network to access other computers there. But I also need to allow the VPN users access to another subnet that hosts the telephone system (10.10.200.1). How can this be done? If so, how does one do this? Chuck > From: Borowicz, Paul [mailto:[email protected]] > > Sent: Friday, March 06, 2009 11:23 AM > > To: [email protected] > > Subject: [pfSense Support] VPN routing I'm in the process of transitioning the subnet of my datacenter, I only have a dozen or so servers. Everything is currently on a nonstandard subnet (192.0.1.0/24) due to a previous network admin. I want to move everything to 10.97.0.0/24, but I have alot of VPN's that terminate into the datacenter on my pfsense firewall. I know you can't route VPN's, if I use a second interface on my pfsense box can I bridge those two subnets? Can someone give me a quick example? If that's not possible, should I just create a second VPN for each site that points to the other subnet? Since both subnets will have a port on the pfsense box I should be able to point an ipsec VPN at either one, right? thanks, Paul F. Borowicz Network Administrator Behavior Corp (317) 587-0521 [email protected]
