Topic: Site to Site VPN (Read 486 times)
it-basement (Newbie, Posts: 2, Karma: 0)
Site to Site VPN « on: August 10, 2024, 08:16:40 am »
Hello everyone,
I have a problem with multiple S2S VPNs and am trying to work out what I did wrong.
I need two S2S VPNs: one from my headquarters to the datacenter, the other from headquarters to the factory.
The datacenter has a Sophos firewall and I connected without any problem; it's working.
I have a FortiGate 60F firewall at the factory, but it didn't work.
Is that possible in OPNsense, or am I wasting my time?
bartjsmit (Hero Member, Posts: 2008, Karma: 194)
Re: Site to Site VPN « Reply #1 on: August 10, 2024, 08:31:37 am »
Quote from: it-basement on August 10, 2024, 08:16:40 am
Is that possible in Opnsense?
It is, but you are giving very few clues. What type of VPN? IPSec? OpenVPN? Wireguard?
If only your tunnels connect, check your routing. If you can ping only, check DNS.
Bart...
it-basement (Newbie, Posts: 2, Karma: 0)
Re: Site to Site VPN « Reply #2 on: August 10, 2024, 07:50:07 pm »
It's IPsec.
I saw the firewall rules about it today. They are auto rules and point to the first S2S I created. There are no rules about the second one! I'm suspicious about a bug!
Patrick M. Hausen (Hero Member, Posts: 6748, Karma: 568)
Re: Site to Site VPN « Reply #3 on: August 10, 2024, 08:27:20 pm »
Automatic creation of firewall rules for IPsec connections was removed not too long ago. I agree with that because IMHO it's a POLA violation. The admin should be in full control always. Which means you need an incoming rule for ports 500 and 4500 for all IPsec peers. Use a group alias ...
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
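The gap discussed in this thread (inbound rules that cover the first IPsec peer but not the second), as an added example that is not from any poster or from OPNsense: a Python check that reports which peers lack an inbound pass rule for UDP 500 (IKE) and UDP 4500 (NAT-T). The rule and alias structures, the names and the addresses are constructed for illustration and are not OPNsense's configuration format; first-match evaluation with default deny is assumed.

```python
import ipaddress

IKE_PORTS = (500, 4500)  # UDP 500 (IKE) and UDP 4500 (NAT-T)

# Constructed sample data; addresses come from documentation ranges.
ALIASES = {"ipsec_peers": ["198.51.100.10"]}  # hypothetical group alias
PEERS = {"datacenter": "198.51.100.10", "factory": "203.0.113.20"}
RULES = [  # simplified inbound WAN rules in evaluation order (assumed format)
    {"action": "pass", "proto": "udp", "src": "ipsec_peers", "ports": [500, 4500]},
    {"action": "pass", "proto": "tcp", "src": "any", "ports": [443]},
]

def expand(src, aliases):
    """Resolve a rule source (alias name, 'any', host or CIDR) to networks."""
    if src == "any":
        return [ipaddress.ip_network("0.0.0.0/0")]
    entries = aliases.get(src, [src])
    return [ipaddress.ip_network(e, strict=False) for e in entries]

def allowed(peer_ip, port, rules, aliases):
    """First matching UDP rule decides; no match means default deny."""
    addr = ipaddress.ip_address(peer_ip)
    for rule in rules:
        if rule["proto"] != "udp" or port not in rule["ports"]:
            continue
        if any(addr in net for net in expand(rule["src"], aliases)):
            return rule["action"] == "pass"
    return False

def audit(peers, rules, aliases):
    """Map each peer name to the IKE/NAT-T ports it cannot reach us on."""
    gaps = {}
    for name, ip in peers.items():
        missing = [p for p in IKE_PORTS if not allowed(ip, p, rules, aliases)]
        if missing:
            gaps[name] = missing
    return gaps

if __name__ == "__main__":
    for name, ports in audit(PEERS, RULES, ALIASES).items():
        print(f"{name}: no inbound UDP pass rule for ports {ports}")
```

With the sample data only the factory peer is reported, because the alias holds just the first peer's address; adding the second address to the alias clears the report.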