PfSense box as VPN client
-
hello all, this is my first post to these forms. I usually don't post questions cause I can normally google my way to finding what I'm looking for. Anyway..
Is there a way to use pfSense as a VPN client? I want my pfSense box to connect to a vpn and then have a static route that would forward any traffic destined to a specific network out the VPN tunnel.
I have a LAN 172.16.5.0/24 behind my pfSense firewall and I want the pfSense box to connect my university's network through a vpn tunnel. The university's network is 10.10.0.0/16. Then I would have a static route that would forward any traffic destined for the 10.10.0.0/16 out the tunnel interface. Basically, I have some applications that are designed for use on the campus itself; and when students are off campus we are supposed to connect to the university's VPN through the windows VPN client. This is a hassle. I want it to work as such so when the application sends data to a server on campus… it gets there; instead of popping up a little window telling me to connect through the vpn. I want the application not to know that it is not actually on the campus network. This is by no way breaking my campus acceptable usage policy. As far as a security risk, I understand that everything that will be connecting through the VPN is logged under my name and I have taken and will take the proper security measures to protect my LAN at my home as well as the VPN tunnel. I simply want my firewall to be the VPN client instead of my PC.
Does pfSense have the functionality to become a VPN client? The vpn is made to be accessible for mac and windows PCs and uses PPP, no IPSec. Basically, on a windows machine all i have to do is open the vpn wizard type in "vpn.myuniversity.edu" as the server, type in my user name and password along with a domain name and i would be connected. If this is possible on a pfSense box, how do I go about accomplishing this?
Also as some added complexity, the tunnel interface may have to preform NAT because my pfSense will get a 10.10.0.0/16 address from the campus and without NAT data destined for the server on my campus would have a source address of 172.16.5.0/24, which would not be routeable on my campuses network so I would never achieve full connectivity. This was just an afterthought right before I clicked the submit button. But am I correct in this thinking?
I hope I explained everything well enough. If you have any other questions about my configuration just ask.
I know that this is a vpn question, but i posted it in general because there we're multiple VPN categories and i didn't know what one this fell under.
Thanks for any help you may have to offer!
-
Found this: http://doc.pfsense.org/index.php/Can_I_use_pfSense%27s_WAN_PPTP_feature_to_connect_to_a_remote_PPTP_VPN%3F
and this: http://forum.pfsense.org/index.php?topic=5601.0
Sounds like it won't do it out of the box but if you like to mod a bit maybe you can get something.edited to correct second link
-
You need to know what type of VPN is being used - IPsec or PPTP. Once you know that then it should be easy for people to direct you to the right piece of documentation.
