New OpenVPN server - route entire network

Advanced feature discussion, beta programs and unsupported "Labs" features.
4 posts Page 1 of 1
by bubba198 » Mon May 27, 2019 7:57 pm
Hi guys, has anyone figured how to route an entire network using the new OpenVPN server where the NAT xlate is against the open VPN rather than the delivery end-point public IP?

The obvious use case is to route an entire private network behind the OpenVPN? Preferably Cisco ASA examples? Anyone out there?

by forest » Wed Jun 12, 2019 10:22 am
I have done it with Ubiquiti routers. The openvpn client knows how to take over the default route, so the idea is to run it on your network's internet router and configure the appropriate NAT and firewall rules. For more specific help, you might have better luck on a Cisco forum.
by bubba198 » Mon Sep 16, 2019 12:31 pm
Ok forget ASA, how about pfSense? Anyone out there? A modest pfSense VM doesn't take much resources and pfSense itself is super flexible as a firewall so it must work with OVPN server at sonic?

by forest » Mon Sep 16, 2019 3:20 pm
As long as your router of choice has the openvpn 2.4 client and the ability to configure NAT on any network interface, it should be possible to get it working with Sonic's server. (Older openvpn versions don't support the minimum TLS requirement that Sonic recently imposed, though.)

I would expect pfSense, OpenWRT, VyOS, and most other decent routers to be capable, but since I don't use any of them in the way you're describing, I can't tell you how to go about it. It's pretty likely that the same is true for everyone else who happens to be reading this forum. Again, I think you'll have better luck finding someone to guide you through the setup if you ask on a router-specific forum.
4 posts Page 1 of 1

Who is online

In total there are 2 users online :: 0 registered, 0 hidden and 2 guests (based on users active over the past 5 minutes)
Most users ever online was 422 on Sat May 26, 2012 5:28 am

Users browsing this forum: No registered users and 2 guests