Feature request: OpenVPN client-to-client config option

[hfvk]

Hello,

OPNsense is a wonderfull product, thank you for all the development!

I am using OpenVPN server on OPNsense router and I also permit client-to-client traffic. For this reason, I need to enable client-to-client OpenVPN option using the Advanced configuration options in the OpenVPN server config page.

As the page states, the Advanced configuration option will be removed in the future. Thus, I suggest that client-to-client setting would have its own checkbox on the config page so that there would be no need to use the advanced config dialog.

Any thoughts on this?

[mimugmail]

There is already a checkbox, can you please have a look again :)

[hfvk]

There is already a checkbox, can you please have a look again :)

I must be blind...  :D Could you please advise where the checkbox is located? I checked both OpenVPN client/server views but did not find such checkbox.

[thebraz]

Hello,

is the Inter-client communication checkbox when you configure / edit the OpenVPN server

Best Wishes

[hfvk]

Hello,

is the Inter-client communication checkbox when you configure / edit the OpenVPN server

Best Wishes

Hello,

I am at: VPN -> OpenVPN -> Servers -> (edit server) page.
I see the following sections:
- General information
- Cryptographic Settings
- Tunnel Settings
- Client Settings
- Advanced configuration

In which section should it be? I cannot find such setting from this page. I have tried to find it using browsers find function with no success. I am using Chrome.

OPNsense 20.7.2-amd64
FreeBSD 12.1-RELEASE-p8-HBSD
OpenSSL 1.1.1g 21 Apr 2020

[mimugmail]

Screenshots please

[hfvk]

Screenshots please

Please find attached the screenshots. I have hidden my configs but you can see the configuration options I have available.

Server mode: Peer to peer (SSL/TLS).
Protocol UDP
Device tun

[Fright]

what server mode you set?
its in tunnel settings if Remote Access mode enabled

[hfvk]

what server mode you set?
its in tunnel settings if Remote Access mode enabled

In my case, the server mode is "Peer to Peer (SSL/TLS)". I can confirm that if I change the server mode to Remote Access, the configuration option comes available.

I am wondering if there are any reasons why Inter-client communications is not available in Peer to Peer mode. Any thoughts on this?

[Fright]

Any thoughts on this?

because Peer-to-Peer mode is for Site-to-Site connections. so computers in the corresponding subnets communicates with each other without vpn

[hfvk]

Any thoughts on this?

because Peer-to-Peer mode is for Site-to-Site connections. so computers in the corresponding subnets communicates with each other without vpn

Thank you pointing this out! I have not realised that what different server mode options there are. Anyway, I will modify my config to work in Remote Access mode which will solve my original questions.