Configure OpenVPN HA opnsense cluster

Page content

In this LAB I’ll be creating OpenVPN SSL Peer to Peer connection.

The Architecture

 ------ WAN ------
 |               |
PF1 -- sync -- PF2
 |               |
 ----- LAN -------  

WAN: 192.168.0.0/24 (Bridgelt)
LAN: 192.168.20.0/24
SYNC: 192.168.30.0/24
opn01:
WAN 192.168.0.28
LAN: 192.168.20.28
SYNC:192.168.30.28

opn02:
WAN 192.168.0.29
LAN: 192.168.20.29
SYNC:192.168.30.29

Configurate the OpeVPN service

Got to VPN > OpenVPN > Wizards Example image

If you ulodad your certificate seledt that in the drop doew menu or select Add new Certificate to generate a new one. Example image

Example image

Edit the Adwanced Configuration:
Example image

Example image

Example image

Configurate NAT Rules to HA

Go to Firewall > NAT > Outbound and clone the manul LAN Rule Example image

Enable Connection from OpenVPN to master and slave

In default there in no rout to the salve nod.
Go to Firewll > Aliases > Add and create alias for CARP members:
Example image

Then go back to Firewall > NAT > Outbound > Settings and create a new rule: Example image

Blaiserman avatar
About Blaiserman
I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I'm working as a DevOps Engineer.
comments powered by Disqus