Re: [pfSense Support] openVPN to OPT1 interface

Tue, 30 Jun 2009 08:02:20 -0700
Interesting. I had wished I could make that scenario work w/ipsec. Alas, no joy. I had to set up a vyatta to do it and it worked flawlessly out of the box. I didn't need a third NIC port to do it, either. My thinking is that BSD doesn't handle virtual interfaces very well. *sigh* I like pfsense better, otherwise. 

Curtis


jose thomas wrote:

Thank you Scott, it solves my problem with routing.

Thanks again for your time
-Jose


On Sat, Jun 27, 2009 at 10:14 PM, Scott Ullrich <sullr...@gmail.com 
<mailto:sullr...@gmail.com>> wrote:


    On Sat, Jun 27, 2009 at 6:22 AM, jose thomas<tk.j...@gmail.com
    <mailto:tk.j...@gmail.com>> wrote:
    > Hi there,
    >
    > In our data center, we have two pfsense 1.2.2 boxes with two
    subnets behind
    > the NAT.
    > The OPT1 interfaces are been using for the inter communication
    between the
    > two lan
    > subnets owned by the two pfsense boxes. We have a configured
    openVPN for the
    > two
    > WAN interfaces.
    >
    > The problem is that from outside anybody connects to one of the
    pfsense box
    > thgough
    > openVPN, they are not able to access the other subnet which is
    under the
    > other
    > pfsense box which is connected through the OPT1 interfaces between.
    >
    > How can I add specific rule set (or any other config change) to
    instruct
    > that the other
    > subnet address destinations coming from openVPN clients has to
    pass though
    > the OPT1 interface instead of the LAN interface of pfsense? Or
    inotherwords,
    > how to
    > add one more network and gateway to the openVPN connection?
    >
    > I ran out of ideas how to solve this. Really appreatiate any
    help in this
    > regard

    If memory serves me correctly you need to tell openvpn to push the
    routes.   Google openvpn push routes.

    Scott

    ---------------------------------------------------------------------
    To unsubscribe, e-mail: support-unsubscr...@pfsense.com
    <mailto:support-unsubscr...@pfsense.com>
    For additional commands, e-mail: support-h...@pfsense.com
    <mailto:support-h...@pfsense.com>

    Commercial support available - https://portal.pfsense.org




--
Mobile: +971-50-9943477
Office: +971-4-4370703 x 402
Residence: +971-4-2232044

























					Reply via email to