IPSec on all incoming connections but not outgoing
c0465 last edited by
I am new to pfsense so apologies if this is a basic question but I don't seem to find the solution on google.
I understand IPSec in pfsense is mostly meant to protect a site to site connection with a specific IP.
But is there a way to do something similar to Windows, which allows to make IPSec mandatory on all incoming connections, but optional (or better no ipsec at all) on all outgoing connections?
Basically I am trying to protect a server with pfsense, I want the server to be able to access the web without IPSec (so that it can update itself) but all clients (which I control) connecting to that server to be forced to use IPSec, whichever IP they come from.