Hi all,
My development team is given its private vlan with our laptops and
development servers. We would like to use pfsense for dhcp, dns and
openvpn. I'm quite unsure on how to set up openvpn, given the fact that
the server is on the same subnet as all the laptops and dev servers. I
could (and will) start experimenting, but maybe you could give me a
head start.
What I have:
- pfsense diskinstall 1.2.2
- server on vlan, accessible from internet
- vlan is a /27 subnet
- all other machines on the same subnet as the pfsense machine
What I try to achieve:
- dhcp and dns services for the laptops on the subnet, this should be
trivial to set up on the lan port
- openvpn access to the network for 'road warriors' using tcp on port
22, that's where my problem starts
Questions:
- since both interfaces are on the same subnet, I originally thought I
had to bridge the two, but that would disable my lan port's ip address
which I'll need for dns, right? And besides, since the same set of
addresses would be on both bridged interfaces, this would cause
problems. Am I right in thinking both interfaces should stay separate?
- if I then have two interfaces on the same subnet, I should disable
routing between both and only allow routing from the vpn traffic from
wan to lan. Can this be done by simply blocking all traffic except for
the incoming openvpn traffic on port 22 from the gateway or do I need
to take other measures?
- would there be any other issues, caused by the two interfaces
sharing one subnet?
Thanks,
Peter