Netgate Discussion Forum

    P2P one main site and multiple clients

    • PierreFrench

      Hello,
      My setup is the following:
      I have a main site with a pfSense.
      I have 5 remote sites, each with a pfSense.
      I need to have P2P between each remote site and the main site, and no communication between remote sites.
      If I understand correctly, and if I want to keep the P2P shared key setup, does it mean that I have to create 5 independent servers on the main site, each one serving one and only one remote site?
      Is that right?
      Thanks
      Pierre

      • viragomann @PierreFrench

        @PierreFrench
        Shared key is deprecated and shouldn't be used anymore. You should go with TLS instead.

        You can do this with a single server as well. Just restrict the access with a proper firewall rule on the VPN interface.
        Remember to create a client specific override for each.

        • PierreFrench @viragomann

          @viragomann
          Thanks for your answer.
          If I keep shared key, it is because it is simple and I don't need top-level security on that.
          Regarding the second part of your answer, about rules etc., can you please expand a bit on that?
          I am not getting it.
          Thanks

          • viragomann @PierreFrench

            @PierreFrench
            Shared key is deprecated, as mentioned, and I haven't used it for years.
            So I don't know if and how client specific overrides and the client side LAN routing work with it.
            I think it should if you state the correct client name and the respective remote networks.

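The single TLS server with one client specific override per remote site, written out in plain OpenVPN directives. This is an added example, not part of the thread and not pfSense's generated configuration. The tunnel network, the LAN subnets, the file names and the certificate common names `site1` and `site2` are constructed placeholders.

```conf
# ---- server.conf on the main site (constructed example) ----
dev tun
topology subnet
server 10.8.0.0 255.255.255.0          # tunnel network; enables TLS multi-client mode

ca   ca.crt                            # placeholder file names
cert server.crt
key  server.key
dh   dh.pem

# Kernel routes on the main site towards each remote LAN
route 192.168.101.0 255.255.255.0      # LAN behind site1 (assumed)
route 192.168.102.0 255.255.255.0      # LAN behind site2 (assumed)

# Tell every remote site how to reach the main-site LAN (assumed 192.168.1.0/24)
push "route 192.168.1.0 255.255.255.0"

# Per-client settings, one file per certificate common name
client-config-dir ccd
ccd-exclusive                          # reject clients without a ccd file

# Deliberately absent: client-to-client
# Without it, packets from one remote site to another leave the OpenVPN
# process and are routed by the host, so the firewall rules on the VPN
# interface decide whether they are forwarded.

# ---- ccd/site1 (file name must match the client certificate CN) ----
ifconfig-push 10.8.0.11 255.255.255.0
iroute 192.168.101.0 255.255.255.0     # OpenVPN-internal route to site1's LAN

# ---- ccd/site2 ----
ifconfig-push 10.8.0.12 255.255.255.0
iroute 192.168.102.0 255.255.255.0

# ---- Firewall intent on the VPN interface (rules are evaluated inbound) ----
# pass   source 192.168.101.0/24, 192.168.102.0/24   destination 192.168.1.0/24
# (no rule with a remote LAN as destination: site-to-site traffic is not passed)
```

Each `route` line on the server needs a matching `iroute` in exactly one ccd file; a remote LAN that has the `route` but no `iroute` is dropped inside OpenVPN even when the firewall would pass it.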
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.