From owner-freebsd-questions@freebsd.org Tue Sep 5 01:02:39 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7D746E063D0 for ; Tue, 5 Sep 2017 01:02:39 +0000 (UTC) (envelope-from bferrell@baywinds.org) Received: from baywinds.org (50-196-187-248-static.hfc.comcastbusiness.net [50.196.187.248]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "baywinds.org", Issuer "rr-v" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 323DD68911 for ; Tue, 5 Sep 2017 01:02:38 +0000 (UTC) (envelope-from bferrell@baywinds.org) Received: from [192.0.2.130] (rr-iii [192.0.2.130]) by baywinds.org (8.14.4/8.14.4) with ESMTP id v850RWd2002548 for ; Mon, 4 Sep 2017 17:27:33 -0700 Subject: Re: openvpn To: freebsd-questions@freebsd.org References: From: Bruce Ferrell Message-ID: <440b79af-a159-1806-122e-155c26f42417@baywinds.org> Date: Mon, 4 Sep 2017 17:27:32 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Sep 2017 01:02:39 -0000 Doug, I use a pfsense firewall with an openvpn server installed.  I connect from Android, iOS, OS X, Windows and Linux.  The vpn connection use a separate subnet from my "normal" subnet and simply routed in.  No port forwarding needed that way.  Because the pfsense firewall is the default route, all server automatically are able to reach the vpn subnet because all non-lan traffic goes there and is then directed as needed. Bruce On 09/04/2017 03:09 PM, Doug Hardie wrote: > I have a home LAN with a number of servers on it. I have one public fixed IP address. I need to be able to access all the servers when away from home. Openvpn appears to be the best approach as there is a client available for ios which is what I carry. There is duplication of port usage on multiple servers so just port routing in the router is not viable. > > I have installed openvpn on one server and will setup the port in the router to route to it. However, there are a number of sample configuration files provided and I can't figure out which is the best one for me to use. My first thought was server.conf, but then tls-office.conf or static-office.conf also look reasonable. > > -- Doug > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >