Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
Site to Site SSL with multiple site
« previous
next »
Print
Pages: [
1
]
Author
Topic: Site to Site SSL with multiple site (Read 5840 times)
Julien
Hero Member
Posts: 666
Karma: 33
Site to Site SSL with multiple site
«
on:
August 07, 2017, 08:12:21 pm »
Dear All,
we have managed to configure a site to site OPENVPN server succecefully.
everything is working fine between site A and Site B. the steps are here
https://docs.opnsense.org/manual/how-tos/sslvpn_s2s.html?highlight=vpn
Site A is the server and B is the client.
We are willing to connect Site C to the Site VPN A using the same shared key.
On site C firewall adde the client with the shared key from site A firewall however the tunnel is not up and running.
is this even possible with opnsense ? or we do have to create for each site a SSL VPN ?
Logged
OPNsense 23.1.7_3-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023
Julien
Hero Member
Posts: 666
Karma: 33
Re: Site to Site SSL with multiple site
«
Reply #1 on:
August 07, 2017, 10:46:49 pm »
I managed to get this fixed,
we have to create for each tunnel a server.
Logged
OPNsense 23.1.7_3-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023
epoch
Newbie
Posts: 35
Karma: 3
Re: Site to Site SSL with multiple site
«
Reply #2 on:
August 07, 2017, 10:50:41 pm »
Well the doc is using ovpn in peer to peer mode. So if you have A using port 1194 to exchange with B, C can't connect to A because it's busy.
You could use server mode for site A, in this case a single instance would be used to connect B and C. Not sure this is desirable in terms of design, A becomes a single point of failure and I'm unsure how it would react to option "client-to-client".
It's probably more advisable to add another peer-to-peer instance on site A dedicated to communicating with site C. An idle instance doesn't cost anything in itself.
Logged
Julien
Hero Member
Posts: 666
Karma: 33
Re: Site to Site SSL with multiple site
«
Reply #3 on:
August 08, 2017, 06:37:49 pm »
I've got the idea already and managed to create a server for each site.
it does works fine with pre shared key.
I am looking to get it working with tls just can't seem to find a tutorial for this.
«
Last Edit: August 08, 2017, 07:52:25 pm by Julien
»
Logged
OPNsense 23.1.7_3-amd64
FreeBSD 13.1-RELEASE-p7
OpenSSL 1.1.1t 7 Feb 2023
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
Site to Site SSL with multiple site