No Site To Site L2TP on PfSense ?



  • Hi,
    I am figuring out how to replace my old L2TPv3 wlan controller (Motorola RFS) with a PfSense VM.
    I need to do L2TPv3 encapsulation of wlan/vlan users' traffic of Wi-Fi Access Points on remote sites: the Access Points and the PfSense should be the L2TP endpoints.

    My problem is that the L2TP service on PfSense seems to be only for mobile users (asks for user logins) and not site to site L2TP VPN (see https://docs.netgate.com/pfsense/en/latest/vpn/ipsec/l2tp-ipsec.html).

    What do you think about this?
    Seems to me that I should investigate configuring an L2TP over IPSec on a Linux VM.
    Regards,

    Denis.



  • @denis31, I wouldn't expect many people on this forum to know what / how the Motorola RFS L2TPv3 link works, however, as luck would have it, I do.
    I'm assuming you have another RFS at the other end of the L2TPv3 link.
    I've never tried to do what you are looking to do with pfSense, I'd have to spin up a lab to have a crack at it.
    Ultimately, I'd suggest you have a rethink on how you can replace the L2TPv3 link with an IPSEC link. You can configure the RFS to run an IPSEC tunnel to pfSense, it's not as simple to configure as L2TPv3 by any stretch, but it works.
    If you are using the L2TPv3 to do stuff like adopting remote APs, you will ultimately have to migrate your environment from Bridged tunnelling to Local egress.

