Site To Site and Road warrior in 2.0RCX
-
Hi.
With pfsense 1.2.3 I setup my server for a Road-Warrior and work, I remember that I had to user easy-rsa tools to build my files for each client. But now with pfsense 2.0 we have the certificate manager.
For the Road warrior, do we still need the easy-rsa tools or we can use the certificate manager to build the keys for each client?
Last thing, to connect 3 sites(networks) which setup is more strong against attacks:PKI or Shared Key?
The pfsense machines are protect against physical intruders.
Any input will be appreciated, thanks :)
-
It depends where you hold your pki files, but i prefer certificate more than shared secret
-
Thanks Metu69salemi for your input.
What about the client key's do we still need to use easy-rsa ???
-
you could try out in build certmanager