Create a site-to-site (S2S) VPN tunnel via OpenVPN secured with SSL/TLS (L2 mode) on pfSense 2.6

  • Firewall
  • pfSense
  • 5/7

6.4. Assign the virtual interface of the VPN client in TAP mode to a logical interface (OPTx) on site 2 (Paris)

As on the other physical site, you must assign the virtual interface of the OpenVPN client to a logical interface (OPTx).
To do this, on site 2 (Paris), go to: Interfaces -> Assignments.

An "Available network ports" section appears with the virtual interface "ovpnc1" which corresponds to your OpenVPN client (named in our case "Connect to Brux VPN server").
Select this virtual interface "ovpnc1" and click: Add.

The interface has been assigned to a logical interface (OPT1 in our case).
Click on its name (OPT1) or go to: Interfaces -> OPT1.

Enable this OPT1 logical interface by checking the "Enable interface" box, then rename it "OpenVPN_L2" using the "Description" field.

At the bottom of the page, click Save.

Click: Apply Changes.

The OPT1 interface has been enabled and renamed to "OpenVPN_L2".

6.5. Create the network bridge between the LAN and the OpenVPN tunnel on site 2 (Paris)

As on the other physical site, you must create a bridge between the LAN network (of site 2 (Paris) in this case) and the TAP interface of your OpenVPN client.
To do this, go to: Interfaces -> Assignments.

In the "Bridges" tab, click: Add.

For the "Member Interfaces" parameter, select your "LAN" and "OPENVPN_L2" interfaces.
Then, specify "OPENVPN_L2_BRIDGE" as the description and click Save.

Your network bridge has been created.

6.6. Allow network traffic in the OpenVPN tunnel on site 2 (Paris)

Like the other physical site, you must allow network traffic to pass through the OpenVPN tunnel.
To do this, go to: Firewall -> Rules.

In the "OPENVPN_L2" tab, click on: Add.

Configure this rule to allow all network traffic on the "OPENVPN_L2" interface, regardless of source and destination (since this only affects what passes through the OpenVPN tunnel):

  • Interface : OPENVPN_L2.
  • Address Family : IPv4.
  • Protocol : Any.
  • Source : Any.
  • Destination : Any.
  • Description : Allow all traffic through the OpenVPN L2 tunnel.

Then click Save.

Click: Apply Changes.

Network traffic is allowed in the OpenVPN L2 tunnel.

Create the same rule for the OpenVPN interface which concerns all the OpenVPN tunnels that you would have configured on pfSense.

To see also

Comments

No comment

Share your opinion

Pinned content

Contact

® InformatiWeb-Pro.net - InformatiWeb.net 2008-2022 - © Lionel Eppe - All rights reserved.

Total or partial reproduction of this site is prohibited and constitutes an infringement punishable by articles L.335-2 and following of the intellectual property Code.