i want to setup a Host-to-Net Virtual Private Network (RoadWarrior) to my NAS.
I can setup a normal RoadWarrior with one IPFire, but no idea to do this with two.
Can someone help?
thanks for the reply.
But i do not understand how i have to setup the OpenVpn. If i setup a Net-to-Net configuration for the two firewals, how the Roadwarrior can use this setup?
I believe your confusion is based on a misunderstanding or mix-up of roadwarriror and net-to-net VPN scenarios.
Could you please explain again what you are trying to do? In particular, which systems should be involved in a roadwarrior VPN connection and which ones should be part of a N2N connection?
I am pretty sure there is a solution - I just haven’t got the problem, yet.
Thanks, and best regards,
i have a tablet and want to connect to my NAS.
My network setup:
first ipFire with orange and green
second ipFire (red connected to green of the first ipFire)
NAS in green of second ipFire
At the time i have only one IPFire i have setup a Roadwarrior and it works fine.
but now i do not now to setup an OPNVpn to the second IPFire. The tablet should only reach this NAS, not the orange from the first IPFire and not the hole green of the second IPFire.
Best regards and thanks for help
Andreas from Germany
Allow me to think along with you. You have three routing devices in series, which means that any traffic to the second IPFire instance has been NAT’ed twice already.
In order for any device to be able to connect to the double NAT’ed firewall, you need to configure DNAT (destination NAT; aka port forwarding) for the used UDP and TCP port on both the Fritzbox and the first firewall.
That way the traffic for OpenVPN terminating on your uplink (the Fritzbox) is forwarded down the line to the first firewall, which forwards it to the second one. The second one can establish the connection and return traffic is NAT’ed accordingly upstream.
Please correct me if I’m wrong
i tried but it does not work:
my Fritsbox setting
my ipfire port forwarding
where is error?
edit: find Server poll timeout, trying next remote entry…
wrong rule setting have change to correct ip address and it works.
Thx for all your help