Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
LAN, WAN and VPN settings
« previous
next »
Print
Pages: [
1
]
Author
Topic: LAN, WAN and VPN settings (Read 3573 times)
Singman
Newbie
Posts: 24
Karma: 0
LAN, WAN and VPN settings
«
on:
May 27, 2020, 12:26:27 pm »
Hi,
I have a problem setting up a firewall / VPN.
Basically, two network : a private one (LAN_P) and a corporate (LAN_C). Only LAN_C have an internet access and the goal is to give to a customer on internet access to a computer in the private network, but the client is OPNsense and it should initiate the connextion.
But I dont have access to LAN_P all the time, only for the setup. We are administrating everything from LAN_C, so I should give access to GUI from LAN_C. That's the 1st difficulty.
Next, I think if I setup a VPN client from the interface on LAN_C to the external customer, I will loose the control of OPNsense. That's the 2nd problem (or not ?).
Hopefully, the hardware have 4 ethernet ports, so I think I could do something like dedicating an interface to VPN and another one to GUI, both on LAN_C.
What do you think ?
Logged
bartjsmit
Hero Member
Posts: 2016
Karma: 194
Re: LAN, WAN and VPN settings
«
Reply #1 on:
May 27, 2020, 01:13:40 pm »
Quote from: Singman on May 27, 2020, 12:26:27 pm
What do you think ?
Draw a picture?
Logged
Singman
Newbie
Posts: 24
Karma: 0
Re: LAN, WAN and VPN settings
«
Reply #2 on:
May 27, 2020, 01:43:03 pm »
Logged
bartjsmit
Hero Member
Posts: 2016
Karma: 194
Re: LAN, WAN and VPN settings
«
Reply #3 on:
May 27, 2020, 02:06:47 pm »
Sounds like you need a site-to-site VPN to allow an unattended connection. OPNsense can be the server or the client using either IPSec or OpenVPN (easier).
The manual has a page on it:
https://docs.opnsense.org/manual/how-tos/sslvpn_s2s.html
Bart...
Logged
Singman
Newbie
Posts: 24
Karma: 0
Re: LAN, WAN and VPN settings
«
Reply #4 on:
May 27, 2020, 04:20:40 pm »
You have not read my message...
The problem is not to setup the VPN, the problem is to give access to the Admin console to OPNSense GUI, without using a VPN.
I"ve tried many settings, including a NAT transversal, all my attempts are blocked by the deny rule.
«
Last Edit: May 27, 2020, 11:51:56 pm by Singman
»
Logged
bartjsmit
Hero Member
Posts: 2016
Karma: 194
Re: LAN, WAN and VPN settings
«
Reply #5 on:
May 28, 2020, 07:31:38 am »
try Franco's suggestion in this thread:
https://forum.opnsense.org/index.php?topic=573.0
Logged
Singman
Newbie
Posts: 24
Karma: 0
Re: LAN, WAN and VPN settings
«
Reply #6 on:
May 28, 2020, 09:18:19 am »
Who should I trust ?
franco : Do a NAT from a high port like 12345 to LAN 443 - not working
ristridin : do a Firewall rule External IP/Host -> WAN address -> OPNSense 443 - not working
jwright : disable reply-to on WAN rules - not working
banym : change Mngmt port and open it from WAN - not working
I'm amazed by the number of answers to this very basic question (while pfSense is doing that in a very easy way) and none of them is working or provided with a simple step-to-step tutorial or picture, to avoid any errors.
BTW, my problem is still there.
Logged
hbc
Hero Member
Posts: 501
Karma: 47
Re: LAN, WAN and VPN settings
«
Reply #7 on:
May 28, 2020, 09:45:33 am »
Your admin console connects from wan with a RFC1918 address from corporate network. So you have to allow private RFC1918 addresses from wan ( it's a checkbox in wan interface configuration) .
But why switching from pfSense when lucky and so much better?
Logged
Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz (24 cores)
256 GB RAM, 300GB RAID1, 3x4 10G Chelsio T540-CO-SR
Singman
Newbie
Posts: 24
Karma: 0
Re: LAN, WAN and VPN settings
«
Reply #8 on:
May 28, 2020, 11:06:41 am »
RFC1918 and bogon networks already desactivated
Logged
Singman
Newbie
Posts: 24
Karma: 0
Re: LAN, WAN and VPN settings
«
Reply #9 on:
May 28, 2020, 09:25:12 pm »
And if ...
I disable PF completely
?
I dont need the firewall part of OPNSense, just the router and VPN. My WAN (LAN corporate) is already secured by firewalls.
What do you think ?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
LAN, WAN and VPN settings