Use pfSense as OpenVPN Server, behind Watchguard Firewall & RADIUS User Auth?

  • Just looking for some advice on setting this up, please…

    Look after an SBS 2011 network, which sits behind a Watchguard Firewall, looking to phase out PPTP VPN.

    What will be the best way to use OpenVPN instead? I will be using an APU Board.

    Gateway IP will be the Watchguard, not the pfSense.

    Tried connecting just the LAN, but couldn't get OpenVPN to connect to the interface. (Can't remember the error now, as it was a few weeks ago)

    Tried connecting WAN to the Watchguard, and putting the LAN on the SBS2011 network with no DHCP, can dial in, and get my tunnel IP. Can ping the pfSense box, but nothing else. (Gateway on the machine I'm trying to connect to?)

    It would be nice in the future to use a group out of the active directory for the user/pass, but not too fussed about this at the moment.

  • Never mind… sorted it now, changed the Gateway on the LAN interface to that of the Watchguard.

    Tested to make sure that clients on the SBS2011 network couldn't use the pfSense as a gateway to circumnavigate the Watchguard - it still picks up their originating IP and asks for authentication.

