pfSense Forum

pfSense English Support => OpenVPN => Topic started by: kryptos on June 30, 2012, 09:40:46 am

Title: Site to Site and Road warrior combined?
Post by: kryptos on June 30, 2012, 09:40:46 am
Hi all,

This a question from a new guy like me so bear with me. Currently I have setup openvpn for road warriors where users can connect to my main pfsense server and this is working great now recently we been opening a new branch and I am have already pfsense 2 on it and I am planning to to setup site to site vpn connection between this two servers. Is it possible to have this both site to site and  road warrior setup combined? I want to achieve to make our main server capable of handling both road warrior users and at the same time our branch office pfsense server could connect to it as site to site client.

Hope someone here could advise me what to do.


Thanks,
Rocel
Title: Re: Site to Site and Road warrior combined?
Post by: heper on June 30, 2012, 12:21:13 pm
what you want to do is no problem and should be fairly easy to setup.
 you will need a different tunnel subnet then your roadwarriors and easiest would be that the remote location lan has a different subnet then the local lan subnet. (this to avoid routing issues)

other then that you just have to pick the method you'd like to provide encryption (shared key being the easiest)




Title: Re: Site to Site and Road warrior combined?
Post by: kryptos on July 06, 2012, 04:42:48 am
I have found a howto that answer my inquiry. From this site ---> http://blog.stefcho.eu/?p=576

Thanks though for the response.



Regards,
Rocel
Title: Re: Site to Site and Road warrior combined?
Post by: Nachtfalke on July 06, 2012, 08:28:18 am
the difference on pfsense 2 between OpenVPN RoadWarrior and Site-to-Site is just the options in the GUI.
For a site-to-site connection you do not use Username/password so this option isn't available when selecting sito-to-site.

But the OpenVPN server is working the same - no matter if you selected site-to-site or RoadWarrior.

If you already found your answer - that's nice to hear and you can forget about my post :)
Title: Re: Site to Site and Road warrior combined?
Post by: kryptos on July 08, 2012, 03:22:53 am
Thanks for the pointers.. I now going to test more with Openvpn with Pfsense and it was getting easier to setup unlike before.

Just another question I have some dilemma with hostname not resolving  from remote connection from our main network where the vpn server resides. Though this can be accomplished with dns forwarder but I don't want to do this manually everytime I have a new hostname to resolve. I would like to resolve hostnames for my remote vpn users automatically. Please if you have any idea what will I do it would be a great help to me.

Regards,
Rocel

Title: Re: Site to Site and Road warrior combined?
Post by: Nachtfalke on July 08, 2012, 06:07:51 am
Try to use any pfsense LAN interface as DNS.
I am not sure how fast the names get resolved - this is something I am really not sure about the OpenVPN/DNS configuration.
Title: Re: Site to Site and Road warrior combined?
Post by: kryptos on July 08, 2012, 06:19:50 am
Tried that it though I didn't wait that long enough. I ll just tried again if that works. Thanks