OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: Julien on August 07, 2017, 08:12:21 pm

Title: Site to Site SSL with multiple site
Post by: Julien on August 07, 2017, 08:12:21 pm
Dear All,
We have managed to configure a site-to-site OpenVPN server successfully.
Everything is working fine between site A and site B. The steps are here: https://docs.opnsense.org/manual/how-tos/sslvpn_s2s.html?highlight=vpn

Site A is the server and B is the client.
We are willing to connect Site C to the Site VPN A using the same shared key.
On the site C firewall we added the client with the shared key from the site A firewall; however, the tunnel is not up and running.
Is this even possible with OPNsense? Or do we have to create an SSL VPN for each site?

Title: Re: Site to Site SSL with multiple site
Post by: Julien on August 07, 2017, 10:46:49 pm
I managed to get this fixed;
we have to create a server for each tunnel.

Title: Re: Site to Site SSL with multiple site
Post by: epoch on August 07, 2017, 10:50:41 pm
Well the doc is using ovpn in peer to peer mode. So if you have A using port 1194 to exchange with B, C can't connect to A because it's busy.
You could use server mode for site A, in this case a single instance would be used to connect B and C. Not sure this is desirable in terms of design, A becomes a single point of failure and I'm unsure how it would react to option "client-to-client".
It's probably more advisable to add another peer-to-peer instance on site A dedicated to communicating with site C. An idle instance doesn't cost anything in itself.
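
The layout suggested above, as an added example that is not part of the original thread: two peer-to-peer OpenVPN instances on site A, one per remote site, each on its own port and with its own static key so that a key exposed at one site does not affect the other tunnel. The ports, tunnel addresses, LAN subnets and key paths are constructed placeholders; on OPNsense the same settings are entered per server in the GUI.

```conf
# ---- Site A, instance 1 (own config file): tunnel to site B ----
# All values below are constructed for illustration.
dev tun
proto udp
port 1194                          # already in use by the A <-> B tunnel
ifconfig 10.10.0.1 10.10.0.2       # local / remote tunnel endpoints
route 192.168.2.0 255.255.255.0    # site B LAN (assumed subnet)
secret /path/to/site-b.key         # static key known only to A and B
cipher AES-256-CBC
keepalive 10 60

# ---- Site A, instance 2 (own config file): tunnel to site C ----
dev tun
proto udp
port 1195                          # separate port: 1194 is taken by instance 1
ifconfig 10.10.1.1 10.10.1.2       # separate tunnel network for this peer
route 192.168.3.0 255.255.255.0    # site C LAN (assumed subnet)
secret /path/to/site-c.key         # separate static key, known only to A and C
cipher AES-256-CBC
keepalive 10 60

# Site C's client mirrors instance 2: it connects to site A on port 1195,
# swaps the two ifconfig addresses, and uses site-c.key.
```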

Title: Re: Site to Site SSL with multiple site
Post by: Julien on August 08, 2017, 06:37:49 pm
I've got the idea already and managed to create a server for each site.
It does work fine with a pre-shared key.
I am looking to get it working with TLS; I just can't seem to find a tutorial for this.