Can pfsense do this (newbie)?

iulian_2007 · Aug 5, 2009, 7:50 AM

Hello,

I'm looking for a good vpn server and I came across pfsense. Here is what I want to do: I need a VPN server with 1 external interface (public IP for clients to connect) and 3 internal interfaces (different networks). I want the clients to connect to the VPN server and based on username or certificate to get into network A, B or C. Can pfsense do this??

Thank you

iulian_2007 · Aug 5, 2009, 8:10 AM

more info:
external interface: a.b.c.d (public IP)
internal interface LAN1: 192.168.1.x
internal interface LAN2: 10.10.10.x
internal interface LAN3: 172.16.1.x

and based on username or certificate to get ip from LAN1,2 or 3

also, is it possible to integrate it with active directory? I mean to login to VPN using active directory username and password…

GruensFroeschli · Aug 5, 2009, 11:58 AM

Yes this is possible with the "Client-specific configuration" (client specific pushes)
and with OpenVPN firewall rules. (Although the firewalling of OpenVPN is currently quite a hack).

But you missunderstand that you get an IP out of your 3 subnets. This wont happen. You connect from a different subnet to these private LANs.

Yes you can integrate this with active directory.
Read the stickies !
http://forum.pfsense.org/index.php/topic,14946.0.html