werty1st · November 19, 2015 10:38
diff --git a/gistfile1.txt b/gistfile1.txt
 Goal of this document is to describe how to setup a vpn tunnel with two pfSense boxes
 having the same LAN subnet, for the purpose of this doc we'll use 192.168.1.1/24 on
 both firewalls LAN interfaces

 We have to make some dummy networks here to NAT to so as far as Site A will be concerned,
 site B will be 192.168.2.0/24, and as far as Site B is concerened site A will be 192.168.3.0/24

 SiteA (LAN 192.168.1.1)
 OpenVPN Server:
 Standard Setup and we'll use 10.0.1.0/24 as the Tunnel Network (I can elaborate here later)
 Under advanced settings add these lines:
 push "route 192.168.3.0 255.255.255.0";
 route 192.168.2.0 255.255.254.0;   ### Site B LAN

 Then under the OpenVPN Client Specific Overrides tab we'll add the following lines to the Advanced section
 for the SiteB CSO:
 iroute 192.168.2.0 255.255.254.0;
 ifconfig-push 10.0.1.253 10.0.1.254 # Optional but makes the client always connect with the same IP

 1to1 NAT: Firewall > NAT > 1to1 tab
 add a new entry with the following settings
 Interface = Openvpn
 External Subnet = 192.168.3.0
 Internal IP = 192.168.1.0/24
 Destination = 192.168.2.0/24

 Create appropriate firewall rules on the OpenVPN interface

 Site B
 OpenVPN Client
 LAN 192.168.1.1
 This side is really simple, we just create a client to connect to the server and the advanced section is blank

 1to1 NAT: Firewall > NAT > 1to1 tab
 add a new entry with the following settings
 Interface = Openvpn
 External Subnet = 192.168.2.0
 Internal IP = 192.168.1.0/24
 Destination = 192.168.3.0/24

 Create appropriate firewall rules on the OpenVPN interface
	Goal of this document is to describe how to setup a vpn tunnel with two pfSense boxes
	having the same LAN subnet, for the purpose of this doc we'll use 192.168.1.1/24 on
	both firewalls LAN interfaces

	We have to make some dummy networks here to NAT to so as far as Site A will be concerned,
	site B will be 192.168.2.0/24, and as far as Site B is concerened site A will be 192.168.3.0/24

	SiteA (LAN 192.168.1.1)
	OpenVPN Server:
	Standard Setup and we'll use 10.0.1.0/24 as the Tunnel Network (I can elaborate here later)
	Under advanced settings add these lines:
	push "route 192.168.3.0 255.255.255.0";
	route 192.168.2.0 255.255.254.0; ### Site B LAN

	Then under the OpenVPN Client Specific Overrides tab we'll add the following lines to the Advanced section
	for the SiteB CSO:
	iroute 192.168.2.0 255.255.254.0;
	ifconfig-push 10.0.1.253 10.0.1.254 # Optional but makes the client always connect with the same IP

	1to1 NAT: Firewall > NAT > 1to1 tab
	add a new entry with the following settings
	Interface = Openvpn
	External Subnet = 192.168.3.0
	Internal IP = 192.168.1.0/24
	Destination = 192.168.2.0/24

	Create appropriate firewall rules on the OpenVPN interface

	Site B
	OpenVPN Client
	LAN 192.168.1.1
	This side is really simple, we just create a client to connect to the server and the advanced section is blank

	1to1 NAT: Firewall > NAT > 1to1 tab
	add a new entry with the following settings
	Interface = Openvpn
	External Subnet = 192.168.2.0
	Internal IP = 192.168.1.0/24
	Destination = 192.168.3.0/24

	Create appropriate firewall rules on the OpenVPN interface