The other servers either need a route pointing to your OpenVPN network using the NethServer as gateway, or a route on your PFsense doing the same thing.
Then it works.
Multiple LANs (Or vLANs) can work, but does increase complexity a lot. You need to be fairly knowledgeable (IP, dns and firewalling) to get it working. That’s just for internal usage. Using it with VPNs make it more difficult, but still doable…
This is just as a general warning: Don’t underestimate it!
the static routes in new cockpit is br0 at the three points in right side
forgive bad english
On the nethserver lan and pfsense it does have a Route option
I have a server at 192.168.0.15 and if i use the Nethserver OpenVPN roadwarrior then i route this ip in its lan?
but to be honest i havent use any of those features. Any guide?
As your NethServer has it’s own RED WAN connection, with a routing of 0.0.0.0 (Whole Internet), I doubt it can work using your PFSense OpenVPN.
Either use your PFSense for your NethServer, or have the NethServer provide OpenVPN, not your PFSense… Even with this, you’ll need routes - but only on your PFSense for the second option)
My 2 cents
Andy
In the routing info it is as follows,
This server is on the same LAN as your NethServer (192.168.0.3 Nethserver) and 192.168.0.15.
Ping should work both ways.
But the Server on 192.168.0.15 does not know about the OpenVPN network, and will send all responses to your PFsense.
At the moment, if you ping the NethServer via VPN, it will respond - via it’s own RED connection and not back to the PFSense OpenVPN network… So PING answers gets lost…
So it (The server on 192.168.0.15) either needs a local route pointing it to the OpenVPN network (192.168.70.0/24) and the LAN IP of your NethServer.
Or a similiar entry on your PFsense (An entry on both will also work!).
I add this in the static routes in nethserver, would this be the correct way?if so, I cannot reach the server using Nethserver OpenVPN roadwarrior (Not Pfsense OpenVPN). Do i need to redownload the config?
No, if NethServer is acting as OpenVPN Server, you do not need any additional routes on your NethServer.
You do need a route on other servers or on your PFSense (Or both), pointing to the OpenVPN network (192.168.70.0/24) using the LAN IP of your NethServer (192.168.0.3).
This allows you to also reach other servers AND your PFSense via OpenVPN.
If you want the PFSense to act as VPN Server, and the client gets connected via VPN and have access to the whole network, why are you using the WAN (Red). You can use br0 i.p 192.168.0.3/24 gateway (i.p of PFSense) and DNS1 (DNS (i.p of PFSense let’s assume 192.168.0.100/24).
Aditionally if PFSense is acting as DHCP Server than it should be configured to give the automatically dns as the ipaddress of the Nethserver (192.168.0.3) and secondary as PFSense gateway (192.168.0.100).
In Rules section check the VPN rules it should be something like this if you used openvpn wizard.
If you are using the Mapped folder use i.p address instead of hostname.
Regards
Cockpit → System → Network → Click on three dots at the right of the “Configure” button on your Green NIC → Create route
