Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Setting up the pfSense as a mobile client (not as a server)

    IPsec
    3
    3
    576
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yi2020 last edited by

      We have a corp VPN (Fortinet) which allows mobile clients (what's called "Cisco IPsec" VPN on MacOS). It uses a PSK, username and password.

      I want the pfSense to connect to it. Since the pfSense is the default gateway for my internal LAN, what I would want to happen is that my internal hosts forward their traffic to the pfSense which chooses to send them over the VPN to the corp VPN instead of to the Internet.

      I don't want to go through the work of setting up full S2S ipsec with two phases etc. (I don't control the Fortinet).

      How do I accomplish this?

      1 Reply Last reply Reply Quote 0
      • B
        bachi last edited by

        I'm also interested in this kind of setup. Is it possible somehow?

        1 Reply Last reply Reply Quote 0
        • artooro
          artooro last edited by

          I was just searching this topic, not for the same use case but to centrally manage a lot of pfSense appliances, I think being able to set them up as IPsec clients with a virtual IP would be useful.
          At this time I have to create a separate tunnel for each managed pfSense, instead of dynamically provisioning virtual IPs via Radius.

          I'm pretty sure the answer is no, and the strongswan virtual IP option cannot be used with pfSense as a client.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post