Spoke to Spoke communication

keith@quikmart.com · January 04, 2025, 12:07:42 AM

I have multiple remote locations. I have an OPNSense VPN connection to each remote location from our main office and it is working fine. However, I need to be able to communicate between spokes. How do I get spoke to spoke communication?

bartjsmit · January 04, 2025, 10:19:34 AM

Enable client-to-client in the miscellaneous options

keith@quikmart.com · January 07, 2025, 04:46:32 AM

Thank you for the quick reply. However, I do not see the client-to-client option under miscellaneous.

bartjsmit · January 07, 2025, 08:23:13 AM

Do you use OpenVPN?

keith@quikmart.com · January 07, 2025, 06:05:32 PM

I am using IPSec VPN.

bartjsmit · January 08, 2025, 07:57:16 AM

AFAIK they are strictly point-to-point

Patrick M. Hausen · January 08, 2025, 02:43:26 PM

You need to add the networks of all other remote offices to the phase 2 ("child") SA for each spoke.

So e.g.

Main office: 192.168.0.0/24
Remote 1: 192.168.1.0/24
Remote 2: 192.168.2.0/24
...

VPN for remote 1

Main - local: 192.168.0.0/24, 192.168.2.0/24, ..., remote: 192.168.1.0/24
Remote 1 - local: 192.168.1.0/24, remote: 192.168.0.0/24, 192.168.2.0/24, ...

HTH
Patrick

Spoke to Spoke communication

keith@quikmart.com

January 04, 2025, 12:07:42 AM

bartjsmit

January 04, 2025, 10:19:34 AM #1

keith@quikmart.com

January 07, 2025, 04:46:32 AM #2

bartjsmit

January 07, 2025, 08:23:13 AM #3

keith@quikmart.com

January 07, 2025, 06:05:32 PM #4

bartjsmit

January 08, 2025, 07:57:16 AM #5

Patrick M. Hausen

January 08, 2025, 02:43:26 PM #6