pfSense & Tailscale: connecting 12 subnets

Perhaps this question or variations thereof have already been posed. But after many weeks of searching the net I opt for efficiency and just want an answer.

I just started in a new position and I inherited an infrastructure spread out over 12 locations.
Each site has a pfSense router and its own IP-range subnet. Before, to manage the pfSense I had to connect to OpenVPN one site at a time. Now I have connected all pfSense routers in one big mesh overlay with the Tailscale package for pfSense.

This makes management a lot easier. The next step is to connect all the subnets and IP ranges into one big SD-WAN. The goal is to be able to ping all the computers at all the sites, and for all the sites to be able to access the AD server in the Azure VM (that one is also on Tailscale already).

According to many articles this should be a breeze. But I have tried many different things and failed to get the desired result, including the 2 resources stated below:

A summary of things I can remember: static routes, Tailscale ACLs, outbound NAT mapping, firewall rules, NAT-PMP.

I'm very basic in networking; please end my suffering and give me a good solid solution. Otherwise I'd give up.


The common mistake people make setting it up is not approving the subnet routes each pfSense offers. I have a video on how to set up pfSense and Tailscale:
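As an added illustration of the point in the reply above (example code written for this page; it is not from the poster, the video or Tailscale), the script below does the two checks a practitioner would want before merging 12 site LANs into one tailnet: it verifies that no two sites share or nest a subnet (and that none collides with Tailscale's own 100.64.0.0/10 node range, which cannot be routed over the tailnet), prints the route each pfSense has to advertise, and generates a tailnet policy whose `autoApprovers` section approves each site's route automatically instead of leaving it waiting in the admin console. The twelve `10.N.0.0/24` subnets, the tag name `tag:pfsense` and the `autogroup:admin` owner are assumptions for the example, not the poster's real plan.

```python
import ipaddress
import json

# Constructed, hypothetical address plan for the 12 sites; not the poster's
# real ranges. Replace with the actual LAN subnet behind each pfSense.
SITES = {f"site{n:02d}": f"10.{n}.0.0/24" for n in range(1, 13)}

# Tailscale assigns node addresses from this CGNAT block; a site LAN that
# overlaps it cannot be reached through the tailnet.
TAILSCALE_CGNAT = ipaddress.ip_network("100.64.0.0/10")


def find_overlaps(sites):
    """Return sorted (name, other) pairs whose CIDRs overlap.

    `other` is another site name, or the literal "tailscale-cgnat" when a
    site LAN collides with 100.64.0.0/10. Two sites with the same or nested
    subnets cannot both be subnet routers on one tailnet.
    """
    nets = {name: ipaddress.ip_network(cidr, strict=True)
            for name, cidr in sites.items()}
    names = sorted(nets)
    problems = []
    for i, a in enumerate(names):
        if nets[a].overlaps(TAILSCALE_CGNAT):
            problems.append((a, "tailscale-cgnat"))
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append((a, b))
    return problems


def advertise_command(sites, name):
    """The `tailscale up` flag each site's pfSense needs to offer its LAN;
    in the pfSense package this is the advertised-routes setting rather
    than a CLI call, but the value is the same CIDR."""
    return f"tailscale up --advertise-routes={sites[name]}"


def build_policy(sites, tag="tag:pfsense", owner="autogroup:admin"):
    """Build a tailnet policy (plain JSON, valid HuJSON) whose autoApprovers
    section approves each site's advertised route for nodes carrying `tag`,
    so routes do not sit unapproved in the admin console. The tag and owner
    names are assumptions for this example."""
    return {
        "tagOwners": {tag: [owner]},
        "autoApprovers": {"routes": {cidr: [tag] for cidr in sites.values()}},
        # Wide-open ACL for the example; tighten per site in a real tailnet.
        "acls": [{"action": "accept", "src": ["*"], "dst": ["*:*"]}],
    }


if __name__ == "__main__":
    overlaps = find_overlaps(SITES)
    if overlaps:
        raise SystemExit(f"fix overlapping subnets before merging sites: {overlaps}")
    for name in sorted(SITES):
        print(f"{name}: {advertise_command(SITES, name)}")
    print(json.dumps(build_policy(SITES), indent=2))
```

For `autoApprovers` to apply, each pfSense node must actually carry the tag (given at login with `--advertise-tags` or assigned in the admin console); an untagged router still needs its routes approved by hand. Each pfSense must also accept the other sites' routes (`--accept-routes`, or the equivalent option in the pfSense package) before hosts behind it can reach the remote LANs.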