"
Having this issue too while trying to migrate from pfSense, and it really is a deal-breaker to me.
I hope it will be fixed, because overall I really like OPNsense.
I hope it will be fixed, because overall I really like OPNsense.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
Virtual private networks / Re: openvpn interface skipped in gateway group
April 02, 2025, 02:19:41 PM #2
Virtual private networks / Re: Nested VPN problems
April 19, 2021, 10:22:45 AM
vigilian, thank you for detailed answer.
A few days ago I just gave up and set up the second VPN on a separate VM, routing it then to the first one via additional interface. This works pretty stable so far.
The "2 VPNs 1 OPNsense" setup just didn't work for me. Turning off the VPN1 gateway monitoring didn't help, ping from VPN1 interface didn't work until I restarted it a couple of times.
Maybe there is something specific to my VPN endpoints, but I just can't make it work properly after spending a week.
A few days ago I just gave up and set up the second VPN on a separate VM, routing it then to the first one via additional interface. This works pretty stable so far.
The "2 VPNs 1 OPNsense" setup just didn't work for me. Turning off the VPN1 gateway monitoring didn't help, ping from VPN1 interface didn't work until I restarted it a couple of times.
Maybe there is something specific to my VPN endpoints, but I just can't make it work properly after spending a week.
#3
Virtual private networks / Re: Nested VPN problems
April 03, 2021, 09:03:32 AMQuote from: Antaris on April 02, 2021, 04:44:32 PMI guess you misunderstood me.
You don't need 2 OPNsense boxes for that :) Just set 2 VPN servers in one OPNsense box on different ports that leads to different internal networks.
I need nested VPN clients, not servers.
#4
Virtual private networks / Nested VPN problems
March 27, 2021, 01:56:09 PM
Hi.
I'm trying to setup nested OpenVPN client connecitons in OPNsense 21.1.3_3 and it doesn't work as it should.
My network overview:
What I wan to achieve:
This configuration works just fine if I use two separate machines with OPNsense per each VPN and chain them, but when I setting up both VPN connections inside a single OPNsense instance, weird things happen:
If I restart both VPN connections few times, it's starting to work fine, but after I reboot OPNsense machine, it starts all over again.
OpenVPN setup:
VPN1: Interface: ISP_PPPoE, Don't pull routes, Don't add/remove routes
VPN2: Interface: VPN1, Don't pull routes, Don't add/remove routes
Firewall rules:
LAN1: PASS LAN1 network to ANY, GATEWAY VPN1
LAN2: PASS LAN2 network to ANY, GATEWAY VPN2
Outbound NAT:
Firewall to ISP_PPPoE
LAN1 to VPN1
LAN2 to VPN2
I'd like to know if having nested OpenVPN connections is a supported configuration?
If so, could you please advise me how to fix this problem.
Upd: I checked, VPN subnets are not overlapping. VPN1 get a dynamic IP in 10.8.0.0/24 with GW 10.8.0.1, VPN2 is in 10.8.8.0/24, GW 10.8.8.1.
I'm trying to setup nested OpenVPN client connecitons in OPNsense 21.1.3_3 and it doesn't work as it should.
My network overview:
What I wan to achieve:
This configuration works just fine if I use two separate machines with OPNsense per each VPN and chain them, but when I setting up both VPN connections inside a single OPNsense instance, weird things happen:
- Gateway monitor shows 100% packet loss on VPN1, hosts from LAN1 have no internet access
- Internet access for LAN2 hosts works just fine
- OPNsense GUI becomes very laggy, opening the Dashboard takes more than 10 seconds
If I restart both VPN connections few times, it's starting to work fine, but after I reboot OPNsense machine, it starts all over again.
OpenVPN setup:
VPN1: Interface: ISP_PPPoE, Don't pull routes, Don't add/remove routes
VPN2: Interface: VPN1, Don't pull routes, Don't add/remove routes
Firewall rules:
LAN1: PASS LAN1 network to ANY, GATEWAY VPN1
LAN2: PASS LAN2 network to ANY, GATEWAY VPN2
Outbound NAT:
Firewall to ISP_PPPoE
LAN1 to VPN1
LAN2 to VPN2
I'd like to know if having nested OpenVPN connections is a supported configuration?
If so, could you please advise me how to fix this problem.
Upd: I checked, VPN subnets are not overlapping. VPN1 get a dynamic IP in 10.8.0.0/24 with GW 10.8.0.1, VPN2 is in 10.8.8.0/24, GW 10.8.8.1.
Pages1
