Topic: OpenVPN site-2-site documentation is missing something (Read 5482 times)
Gauss23
« on: December 08, 2020, 07:37:50 pm »
Edit: just found:
https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-tls.html
which shows the client-specific override section. It seems as if this is only needed if you use the SSL/TLS mode of OpenVPN. Maybe that should be noted. Now I know the difference.
____
Hi,
I'm referring to this page:
https://docs.opnsense.org/manual/how-tos/sslvpn_s2s.html
For an OpenVPN site-2-site tunnel, the documentation is missing the note that you need a client-specific override on the server side. You configure the remote network twice: once in the main server config (all remote networks from clients connecting to that server are added there) and a second time in a client-specific override, where the remote network(s) from that client (mapped through the common name) are listed again. Otherwise you'll see a route in the system routing table, but no traffic will reach its target, because the OpenVPN daemon won't know which client this network belongs to and will discard the packet.
« Last Edit: December 08, 2020, 07:52:42 pm by Gauss23 »
„The S in IoT stands for Security!“
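An added example, not part of the original post or of the OPNsense documentation: a small checker for the mismatch described above, reporting remote networks that the server config routes into the tunnel but that no client-specific override claims. It assumes the raw OpenVPN directives behind the GUI fields (`route` in the server config, `iroute` in the per-common-name override) with literal IPv4 addresses; the sample configs and the client names `site-b` and `site-c` are constructed.

```python
import ipaddress

# Constructed sample: server config with two remote networks routed into the tunnel.
SERVER_CONF = """\
mode server
tls-server
server 10.10.0.0 255.255.255.0
client-config-dir ccd
route 192.168.2.0 255.255.255.0
route 192.168.3.0 255.255.255.0
"""

# Constructed sample: client-specific overrides, keyed by certificate common name.
CCD = {
    "site-b": "iroute 192.168.2.0 255.255.255.0\n",
    "site-c": "# override exists but lists no network\n",
}

def networks(text, directive):
    """Return the set of IPv4 networks named by `directive` lines in text."""
    found = set()
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()  # drop trailing comments
        if len(parts) >= 2 and parts[0] == directive:
            # OpenVPN treats a missing netmask as a single host (/32).
            mask = parts[2] if len(parts) > 2 else "255.255.255.255"
            found.add(ipaddress.ip_network(f"{parts[1]}/{mask}"))
    return found

def unowned_routes(server_conf, ccd):
    """Routes sent into the tunnel that no client override claims."""
    claimed = set()
    for text in ccd.values():
        claimed |= networks(text, "iroute")
    routed = networks(server_conf, "route")
    return sorted(r for r in routed if not any(r.subnet_of(c) for c in claimed))

if __name__ == "__main__":
    for net in unowned_routes(SERVER_CONF, CCD):
        print(f"route {net} has no matching iroute; packets for it will be discarded")
```

Run against the constructed sample, it flags 192.168.3.0/24: the kernel route exists, but the daemon has no client to hand the packets to.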