Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    What are the Best Practices for setting up Site-to-Site VPN?

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    4 Posts 2 Posters 656 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rkadmin
      last edited by

      Hi Team,

      We would like to use PFSense on a Desktop PC for 3 Branch Offices.  We would like to run Proxy, Web filter and VPN features on these Desktops. I have following questions:

      1. Can we use all 3 features…in a single system?
      2. Does it recommended to go ahead with the Desktop system for real time setup?
      3. What could be the best configuration of Desktop to run these services with Site-to-Site VPN as well.

      Thanks,
      Ram.

      1 Reply Last reply Reply Quote 0
      • ?
        Guest
        last edited by

        We would like to use PFSense on a Desktop PC for 3 Branch Offices.  We would like to run Proxy, Web filter and VPN features on these Desktops. I have following questions:

        • What is your real budget?
        • Do you have old server and/or workstation hardware?
        • How many peoples or users must be served in each office?
        • What kind of traffic is there usually in the game? (Surfing, mailing, downloading, streaming,…....)
        • What kind of protocols are in use, what services will be offered and how strong will be the Internet connection speed?
        1. Can we use all 3 features…in a single system?

        Yes, of course you will be able to do so, but in which art and wise do you plan to use the Squid Proxy?

        • As a caching proxy
        • As a transparent http-proxy between the DMZ servers and the LAN clients
        • As a non transparent proxy with user authentication for a better single client logging and so on?
        1. Does it recommended to go ahead with the Desktop system for real time setup?

        It should be pointed to many edge data or angle points what kind of desktop system is the best option
        for you and will be sufficient as well as you was also not talking about your budget plan here!

        1. What could be the best configuration of Desktop to run these services with Site-to-Site VPN as well.

        An older workstation can realize all you need!

        1 Reply Last reply Reply Quote 0
        • R
          rkadmin
          last edited by

          Thank You for reply.

          We don't have specific budget for this, we wish to use desktop with core i3 processor/4GBRAM/500GB Hard disk.

          Branch A=50, Branch B=20, Branch C=20

          Traffic: Mailing, surfing. Internet Speed is 50Mbps (Up/Down).

          Thanks,
          Ram.

          1 Reply Last reply Reply Quote 0
          • ?
            Guest
            last edited by

            We don't have specific budget for this, we wish to use desktop with core i3 processor/4GBRAM/500GB Hard disk.
            Is enough for all, but pending on the configuration of pfBlockerNG & DNSBL & TDL you may need more
            RAM inside.

            Branch A=50, Branch B=20, Branch C=20

            Could be also a SG-4860

            Traffic: Mailing, surfing. Internet Speed is 50Mbps (Up/Down).

            Could be also a APU2C4

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.