Now it is time to deploy pfSense and configure it with the created certificate.

For those who don’t know, pfSense is a FreeBSD-based firewall distribution which can be used for different use cases. The iroute option tells the OpenVPN server that packets for the specified destination network should be transmitted via the tunnel to the corresponding client. The mapping between client and file is done using the Common Name (CN) specified in the client certificate and the file name. Then change the client-specific configuration which was created automatically:

echo 'iroute remote-network-adress netmask' | sudo tee -a /etc/openvpn/ccd/Iamonit-Blog
echo 'iroute 192.168.128.0 255.255.255.0' | sudo tee -a /etc/openvpn/ccd/Iamonit-Blog

The important thing here is that the site in the cloud does not use the same IP range as your local network. You should now see the new route pointing to tun0. First, enter a route in the nf of the server so that the tunnel device knows later that traffic for this network should be sent via the TUN device.

echo 'route remote-network-adress Netmask' | sudo tee -a /etc/openvpn/nf
echo 'route 192.168.128.0 255.255.255.0' | sudo tee -a /etc/openvpn/nf

Now two configuration files should be adjusted. You can choose the name of the client yourself, just like the desired validity of the certificate. ovpn file with which the connection is quickly configured in pfSense.

Step 4 – “Open the pod bay doors, please, HAL.” This will be used later in the nested VMC environment to be able to build a site-to-site VPN. After the installation of the VPN server we will create the necessary certificates and prepare a VPN client with the help of pfSense. In the first part we have created requirements for accessing your own network from outside with OpenVPN.
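The routing described above only works when three things line up: the ccd file name equals the certificate CN, every iroute has a covering route on the server, and the remote range does not collide with the local LAN. The following check is an added example, not part of the original post; the function names, the `issued_cns` set and the local network 192.168.1.0/24 are assumptions, and the configuration text is constructed from the commands shown on this page.

```python
import ipaddress

def parse_directives(text, keyword):
    """Return networks from 'route' / 'iroute' lines of OpenVPN config text."""
    nets = []
    for raw in text.splitlines():
        # Drop '#' and ';' comments, then split into directive and arguments.
        parts = raw.split("#", 1)[0].split(";", 1)[0].split()
        if len(parts) >= 2 and parts[0] == keyword:
            # An omitted netmask means a single host (255.255.255.255).
            mask = parts[2] if len(parts) > 2 else "255.255.255.255"
            # strict=True raises ValueError when host bits are set in the network.
            nets.append(ipaddress.ip_network(f"{parts[1]}/{mask}", strict=True))
    return nets

def check_site_to_site(server_conf, ccd_files, issued_cns, local_net):
    """Return a list of findings; an empty list means the routing is consistent.

    server_conf: text of the server configuration
    ccd_files:   {file name in the ccd directory: file content}
    issued_cns:  set of Common Names of issued client certificates (assumed input)
    local_net:   CIDR of the LAN behind the OpenVPN server (assumed input)
    """
    findings = []
    local = ipaddress.ip_network(local_net)
    routes = parse_directives(server_conf, "route")
    for name, text in sorted(ccd_files.items()):
        # The server picks the ccd file by CN, so a mismatch is silently ignored.
        if name not in issued_cns:
            findings.append(f"{name}: no client certificate with this CN")
        for net in parse_directives(text, "iroute"):
            # Without a server-side route the kernel never hands traffic to tun0.
            if not any(net.subnet_of(r) for r in routes):
                findings.append(f"{name}: iroute {net} has no matching route")
            # Same range on both sites makes the remote network unreachable.
            if net.overlaps(local):
                findings.append(f"{name}: iroute {net} overlaps local {local}")
    return findings

# Constructed sample input, taken from the commands in the text above.
SERVER_CONF = "route 192.168.128.0 255.255.255.0\n"
CCD_FILES = {"Iamonit-Blog": "iroute 192.168.128.0 255.255.255.0\n"}

if __name__ == "__main__":
    result = check_site_to_site(SERVER_CONF, CCD_FILES, {"Iamonit-Blog"}, "192.168.1.0/24")
    print("\n".join(result) if result else "routing is consistent")
```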