OPNsense Forum

English Forums => Virtual private networks => Topic started by: jmcgon on August 24, 2022, 03:47:19 pm

Title: VPN setup questions
Post by: jmcgon on August 24, 2022, 03:47:19 pm

I am using the document for Road Warriors (https://docs.opnsense.org/manual/how-tos/sslvpn_client.html ) to set up a vpn on a Opnsense 22.7 version. 

In the setting up SSL server, the example shows using the 10.10.0.0 for the IPv4 tunnel.  From the  example it shows this as the remote works internal LAN address.  My question is that if a VPN will have remote connectors from various internal LAN's (some 192.168 others 10.10, etc) if I leave the IPv4 Tunnel unchanged or blank, will this allow remote connectors from various LAN's to connect?  Or does the remote client use the 10.10 for the ip tunnel by some default that I am not aware of?

If I set it up as per instructions, will this allow remote users to connect from various remote LAN's? :-\

Title: Re: VPN setup questions
Post by: Patrick M. Hausen on August 24, 2022, 04:02:32 pm

You can pick any address range that does not collide with any other you are already using somewhere in your network. Nothing hardwired here.

Title: Re: VPN setup questions
Post by: jmcgon on August 24, 2022, 06:57:02 pm

Thanks. 

Another question.  Setting up vpn server how does one decide which compression protocol to select?  Does it matter as long as it is enabled?

Title: Re: VPN setup questions
Post by: nzkiwi68 on August 26, 2022, 02:20:59 am

Its NOT recommended to run compression at all.

There are known security issues with compressions, I strongly recommend compression none.