Site to Site VPN

Started by it-basement, August 10, 2024, 08:16:40 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
August 10, 2024, 08:16:40 AM
Hello everyone,

i ve a problem with multiple s2s vpn and trying to solve what did i wrong.

I need two s2s vpn, one of my headquarter to datacenter other for headquarter to factory.

Datacenter has sophos firewall and i connected without any problem its working.

I ve fortigate 60F firewall at factory but it didn' t work.

Is that possible in Opnsense or i m wasting my time?
August 10, 2024, 08:31:37 AM #1
Quote from: it-basement on August 10, 2024, 08:16:40 AM
Is that possible in Opnsense?
It is, but you are giving very few clues. What type of VPN? IPSec? OpenVPN? Wireguard?

If only your tunnels connect, check your routing. If you can ping only, check DNS.

Bart...
August 10, 2024, 07:50:07 PM #2
it s ipsec.

i saw firewall rules about it today. it s auto rules and pointing to first s2s i created. there s no rules about second one! i m suspicious about a bug!
August 10, 2024, 08:27:20 PM #3
Automatic creation of firewall rules for IPsec connections was removed not too long ago. I agree with that because IMHO it's a POLA violation. The admin should be in full control always. Which means you need an incoming rule for ports 500 and 4500 for all IPsec peers. Use a group alias ...
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Print
Go Up Pages1
User actions