If your offices are connected with an IPsec VPN, and you also have an OpenVPN server on your main pfSense router, you can give your road warriors and COVID-quarantined workers access to the resources at every location.
Normally you will only have access to the local network that the OpenVPN connects to, but with a few simple steps you can allow access to all connected networks.
If you already have the IPsec VPN and OpenVPN set up and working, you just need to add a few things.
Also, if the firewall rules for those two VPNs already allow all traffic to all destinations, you don't need any more firewall rules.
The setup for this example is:
OpenVPN is 22.214.171.124/24
SiteA has the OpenVPN server set up on it.
SiteA and SiteB both have the IPsec VPN set up on them.
You need to add another Phase 2 entry on both sites, and you need to add the SiteB network into the OpenVPN settings.
- Open up the IPsec tunnels on SiteA > Copy the Phase 2 entry > Change the Local Network dropdown to Network > Add in the IP range that OpenVPN uses, for example: 172.20.50.0/24
- Rename it in Description > Save and Apply.
- Open up the IPsec tunnels on SiteB > Copy the Phase 2 entry > Change the Remote Network dropdown to Network > Add in the IP range that OpenVPN uses, for example: 172.20.50.0/24
- Rename it in Description > Save and Apply.
- Edit your OpenVPN server > Under IPv4 Local network(s) > Add in the network of SiteB. Separate multiple networks with a comma, for example: 192.168.1.0/24,192.168.2.0/24
That should do it. If you have everything set up properly, it should start working.
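
If it does not work, the usual cause is that the three settings above do not line up. The following check is an added example, not part of the original post: it compares the Phase 2 entries on both sites and the OpenVPN "IPv4 Local network(s)" value. The function name is hypothetical, and the LAN ranges (SiteA 192.168.1.0/24, SiteB 192.168.2.0/24) are assumed from the example list in the last step.

```python
import ipaddress

def check_selectors(ovpn_tunnel, ovpn_local_networks, site_a_p2, site_b_p2):
    """Return a list of problems; an empty list means the settings line up.

    ovpn_local_networks: comma-separated string, as typed into the OpenVPN server.
    site_a_p2 / site_b_p2: (local, remote) CIDR pairs, one per Phase 2 entry.
    """
    tunnel = ipaddress.ip_network(ovpn_tunnel)
    pushed = [ipaddress.ip_network(n.strip()) for n in ovpn_local_networks.split(",")]
    a = [(ipaddress.ip_network(l), ipaddress.ip_network(r)) for l, r in site_a_p2]
    b = {(ipaddress.ip_network(l), ipaddress.ip_network(r)) for l, r in site_b_p2}
    problems = []

    # SiteA must offer the OpenVPN range as a local network in some Phase 2 entry.
    remote_lans = [r for l, r in a if l == tunnel]
    if not remote_lans:
        problems.append(f"SiteA: no Phase 2 entry with local network {tunnel}")

    for lan in remote_lans:
        # SiteB needs the mirror image, or the Phase 2 negotiation will not match.
        if (lan, tunnel) not in b:
            problems.append(f"SiteB: no Phase 2 entry {lan} -> {tunnel}")
        # Clients only learn a route to the LAN if it is listed on the OpenVPN server.
        if not any(lan.subnet_of(p) for p in pushed):
            problems.append(f"OpenVPN: {lan} missing from IPv4 Local network(s)")
    return problems

# Constructed sample values (assumed LANs: SiteA 192.168.1.0/24, SiteB 192.168.2.0/24).
OVPN_TUNNEL = "172.20.50.0/24"
OVPN_LOCAL = "192.168.1.0/24,192.168.2.0/24"
SITE_A_P2 = [("192.168.1.0/24", "192.168.2.0/24"),   # original site-to-site entry
             ("172.20.50.0/24", "192.168.2.0/24")]   # copied entry for OpenVPN clients
SITE_B_P2 = [("192.168.2.0/24", "192.168.1.0/24"),
             ("192.168.2.0/24", "172.20.50.0/24")]

if __name__ == "__main__":
    result = check_selectors(OVPN_TUNNEL, OVPN_LOCAL, SITE_A_P2, SITE_B_P2)
    for line in result or ["all selectors line up"]:
        print(line)
```

The same mirrored pairs are also the full list of what OpenVPN clients can reach across the tunnel, which is useful to review when the firewall rules on both VPNs allow all traffic.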