OPNsense Forum

English Forums => Virtual private networks => Topic started by: tech101us on March 05, 2021, 03:28:04 am

Title: Route traffic for specific subnets across VPN
Post by: tech101us on March 05, 2021, 03:28:04 am
Apologies if this has been asked before. Hoping someone can steer me in the right direction. I'm looking to establish a site-to-site VPN using either WireGuard or OpenVPN over the internet to my brother's home where I will host a server for off-site backups and Internet Access for a specific subnet. I'm going to be living outside the United States, so I'm going to set up an OPNsense router at my brother's house (it'll be a virtual instance running on a server I set up at his home) for the purposes of terminating the VPN tunnel from my location outside the US. I'll use the VPN tunnel specifically for remote backups as well as to route traffic from a specific IP subnet at my home location across the VPN. All other traffic will not transit the VPN but go straight out my internet connection.

I'm trying to figure out what this scenario looks like in terms of NAT/FW rules and routing. I'm certain I'll need to configure static routes at both ends pointing to the VPN Gateways on each OPNsense instance for the IP subnets on the opposite end of the tunnel. But how would I configure any NAT or Firewall Rules to ensure only traffic from one specific IP subnet (OPNsense Interface) is routed via the VPN tunnel?

Thanks in advance. All comments are welcome and greatly appreciated.
Title: Re: Route traffic for specific subnets across VPN
Post by: Greelan on March 05, 2021, 03:46:07 am
Have a look at this: https://forum.opnsense.org/index.php?topic=21205.msg99309#msg99309