VPN gateway and pfSense router
-
@Antibiotic Inbound/return VPN traffic will be received on the WAN interface, passed to OpenVPN for decryption, and then passed back to pfSense where it will be 'processed' and routed accordingly.
If said decrypted traffic is subject to any shaping policy or offends any IDS/IPS, IP filtering, or DNS blocking, the configured action will be taken before the packets are able to egress the WAN interface in the direction of the LAN.
-
@cyberconsultants So option one is preferred? Is that correct?
-
@Antibiotic If you absolutely need to use this other VPN device but still want to make use of pfSense's security services... then yes, #1 is the best option.
You're correct that if you put the VPN device before pfSense (#2), then pfSense/Suricata/pfBlocker/etc. would have no way to inspect the encrypted VPN traffic passing through it.
-
@cyberconsultants Finally))) Thanks
-
But, yes, why use two devices for that?
-
@stephenw10 I bought a GLInet 2500A small VPN gateway before and don't have any ideas how better to use it with pfSense)))
-
Well you don't have to use it at all.
-
@stephenw10 Could be, but feeling that it was wasted money, better to use it)))
-
Ha! It's running OpenWRT? You could probably run pihole on it or something similar.
-
@stephenw10 Yeah, OpenWRT, but officially a 21.02 snapshot; don't know why not the latest release. You think it's possible to run pihole on it?
-
@Antibiotic This box officially supports AdguardHome in the build.
-
I don't know about pihole specifically, but adguard does much the same thing and is in the OpenWRT software repo.