Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Site2Site TAP Bridge How to do ?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Site2Site TAP Bridge How to do ? (Read 973 times)
gtrdriver
Newbie
Posts: 1
Karma: 0
Site2Site TAP Bridge How to do ?
«
on:
May 07, 2022, 09:21:39 pm »
Hello
I have the Need to Bridge (Layer2) using TAP and OpenVPN two Networks with same IP Range.
Example:
Lan1 (192.168.0.0/24) <> OpnSense <> WanIP --- Openvpn Tunnel TAP ---WanIP <> OpnSense <> Lan2 (192.168.0.0/24)
I think this sould be possible using opnSense and OpenVPN in TAP Mode - but i dont find any working Tutorial for this Config.
One of the best Conftigs i found was on Pfsense for Site2Client using TAP but not S2S
Is here anyone who successfully made a S2S Bridge with TAP using OpnSense ?
Im Thankfull for every Help !
Best REgards
Logged
Demusman
Sr. Member
Posts: 304
Karma: 13
Re: Site2Site TAP Bridge How to do ?
«
Reply #1 on:
May 09, 2022, 08:46:13 pm »
Hello,
I don't use OpnSense yet but I do the same thing you want on pfSense. (just looking at OpnSense at the moment)
Assuming the OpenVPN settings are the same as pfSense, you can follow this:
https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-bridged.html
But first you'll need to create your certificates. Do that by following this:
https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-tls.html
Once you assign the OpenVPN virtual port to a physical port, you do have available physical ports on both sides I hope, you can connect it to your LAN switch. This will send your LAN over the tunnel.
On the client side you will import the certificates needed, then create a client using peer to peer (SSL/TLS).
Then assign the OpenVPN interface on that side, bridge it with a physical interface and assign it an address on the LAN. I would suggest breaking the LAN into virtual /25's on both sides if possible, so assign the virtual interface on the client with 192.168.0.128. You might also want to create a new DHCP pool for the remote side but not necessary.
That should do it. I just recently took down my tap VPN so I'm going from memory but I think that's it.
«
Last Edit: May 09, 2022, 09:02:17 pm by Demusman
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Site2Site TAP Bridge How to do ?