L2TP / IPSec connection where pfsense is the client



  • Hi all,

    I have a server running at a remote location and would like to establish a connection to that remote location through an L2TP/IPsec VPN. I have no control over the remote location configuration. I have a laptop running some VMs that are subject to many changes. I want to "simulate" an infrastructure on that laptop and thus have installed pfsense as gateway. I would like pfsense to establish the connection to the remote location through the L2TP/IPsec VPN. I've spent some time on the web already, but all I find is the config for a server, and I'm looking to configure a client.

    kind regards,
    ...


  • Netgate Administrator

    You can configure L2TP as a WAN type:
    https://docs.netgate.com/pfsense/en/latest/book/interfaces/interfacetypes-ppps.html#l2tp-layer-2-tunneling-protocol
    However I'm not sure you could configure it over IPSec transport since that requires IPs already in place for the end points.

    That's certainly not how it's intended to be used. If you have any other option I would try that.

    Steve



  • Thanks for your answer.

    Unfortunately I don't see another way to do this.


  • Netgate Administrator

    You have control over the remote server at all? You could have the server connect back to you using OpenVPN. That would not require any configuration of the remote firewall/router as long as they are allowing the server to connect out.

    Steve



  • Nope.
    This is in the course of a cursus and the remote servers are managed by the school. The VPN is working on my Windows laptop (and I was trying to set it up on my Linux salt master to control "my server" (the server(s) provided by the school for the purpose of the cursus)) without much success either. So in the end I tried to have my local VMs access the www through a local gateway. (All VMs are on an internal private LAN and access the outside world through a gateway, aka the pfsense.) To complete the circle I would like to have my local infra being able to access the server provided by the school (which is on their network, accessible through that VPN).

    Should you have any ideas to achieve that goal, I'm all ears,

    regards,

    Geoffrey


  • Netgate Administrator

    Hmm, connecting directly from the Linux box as a client seems far more likely to work in all honesty. If that can't be made to work I'd be very surprised to see pfSense able to connect.

    Steve

