Configure OpenVPN HA on an OPNsense cluster
In this lab I will be creating an OpenVPN SSL peer-to-peer connection.
The Architecture
------ WAN ------
|               |
PF1 -- sync -- PF2
|               |
----- LAN -------
WAN: 192.168.0.0/24 (Bridged)
LAN: 192.168.20.0/24
SYNC: 192.168.30.0/24
opn01:
WAN: 192.168.0.28
LAN: 192.168.20.28
SYNC: 192.168.30.28
opn02:
WAN: 192.168.0.29
LAN: 192.168.20.29
SYNC: 192.168.30.29
Configure the OpenVPN service
Go to VPN > OpenVPN > Wizards
If you uploaded your certificate, select it in the drop-down menu, or select Add new Certificate to generate a new one.
Edit the Advanced Configuration:
Configure NAT rules for HA
Go to Firewall > NAT > Outbound
and clone the manual LAN rule
Enable Connection from OpenVPN to master and slave
By default there is no route to the slave node.
Go to Firewall > Aliases > Add
and create alias for CARP members:
Then go back to Firewall > NAT > Outbound > Settings
and create a new rule: