VPN between 2 Firewalla Gold routers on different ISP

Comments

9 comments

  • Avatar
    Bob O'Hara

    You should be able to enable the vpn server on one of the FWGs and the vpn client on the other FWG. For the details look at this article: https://help.firewalla.com/hc/en-us/articles/5515850433683-Firewalla-Site-to-Site-VPN

    0
    Comment actions Permalink
  • Avatar
    Maintenance


    Should it be like this?

    Building A
    192.168.1.X
    255.255.255.0

    Building B
    192.186.3.x
    255.255.255.0

     

    Or different?
    Building A
    192.168.1.X
    255.255.252.0

    Building B
    192.186.3.x
    255.255.252.0

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    192.168.1.x is a /24 network so 255.255.255.0 is the best one to use

    0
    Comment actions Permalink
  • Avatar
    Maintenance

    do you mean to put both buildings on 192.168.1.x ?
    each building has its own ISP and over 100 devices and both have DHCP for wifi devices... We need the buildings to share devices with each other.

     

    0
    Comment actions Permalink
  • Avatar
    Maintenance

    ????

    0
    Comment actions Permalink
  • Avatar
    Bob O'Hara

    No, I think they were pointing out that your subnet masks were not correct. The subnet 192.168.1.x is a subnet with 256 IP addresses. The correct subnet mask for it is 255.255.255.0, or the equivalent CIDR spec of 192.168.1.0/24. The mask in your post here, 255.255.255.252 is not correct.

    0
    Comment actions Permalink
  • Avatar
    Maintenance

     

    Looking in the upper area posts, my posts show 255.255.252.0 not 255.255.255.252

    If I understand, when it is 255.255.255.0 then there are only 254 addresses for two different networks

    whereas 255.255.252.0 there are 1,024 addresses and in this way each Router could have a different DHCP address zone and there wall be a lower address limit and no crossover.

     

    0
    Comment actions Permalink
  • Avatar
    Maintenance

    currently the two Firewalla Gold routers are VPN together.... "A" is the server and "B" is a client.

    Building A
    192.168.1.X
    255.255.252.0

    Building B
    192.186.3.x
    255.255.252.0

    They are connected yet a PC in "B" can't even ping the "A" router.

    What is missing?

     

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    You may need to allow B's subnet on A's network. (insert allow rule on A)

    See this article https://help.firewalla.com/hc/en-us/articles/5515850433683-Firewalla-Site-to-Site-VPN

     

    0
    Comment actions Permalink

Please sign in to leave a comment.