Complete VPN noob looking for help - pfsense not main firewall
-
I use pfSense at home and love it dearly. Recently I've volunteered to do some basic networking for a local company since they're a small non-profit. They would like to have their 2 offices be able to talk to each other like they did before they switched ISPs and before the previous person doing their work decided to come in and steal all of their networking gear.
They were able to get some equipment back and we got it all set up and working again. Their previous setup was some kind of VPN connection also, but I'm not sure what, since all of the configuration was wiped out when we got the hardware back.
I know NOTHING about VPN and am completely clueless. I've played around enough with my pfSense connection at home to get a working connection between my Windows computer and my home network just fine, but I don't know how to do what we're looking to do.
The current configuration does require that they keep their existing router/firewalls for internet access. That can't be changed. Building A has some ticketing utilities that Building B needs access to. So I guess it would be good if site B could access some systems on site A remotely and maybe the other way around. They're both on the same ISP and the ISP is already giving them a huge discount for the connection. We inquired about a leased line type connection but that was out of our budget. My next thought was that I have a couple of old computers I can donate and throw a Linux distro on with OpenVPN, but I've not the slightest idea how to get them set up. So I thought about using those same machines with pfSense since the VPN setup seemed pretty easy… But that was PPTP. Wouldn't I need to set up IPsec for this? The guide that I found wasn't very clear to me so I'm just wondering if anyone has any simpler guides for us morons.
Also, one thing that I noticed when I set up my VPN connection was that any internet traffic was now going through the tunnel. Is this going to happen if/when I can get this VPN set up? So that only LAN traffic goes through the tunnels and internet traffic continues to go through the main connection?
Sorry if I'm using the wrong terms for everything here. I know just some basic networking. They can't afford to hire a genius to set all of this up for them otherwise I wouldn't be posting. I'm hoping that at least someone can steer me in the right direction of a solution that would both work and be as easy as possible.
*Oh and if it helps, the internal networks on both sides are using different addresses. 192.168.1.0 at building A and 192.168.2.0 at building B.
-
Anybody giving you a hand? I sent you a private message. I'd be willing to give you a hand. If you can get the boxes on the internet I will be more than happy to help you with the VPN connection.
Please let me know (ron.carter@cartersweb.net)
RC
-
Sorry about the delay. Been busy with work + finishing school for the summer. Still need help with this one if you're available. I'll probably be on site tomorrow and I'll send you an email either tomorrow or later on this evening. Thanks!!!
-
Give me an email or call; either way I'll try to help you out.
RC
-
Here are just a few things that we need:
Site 1&2
Internal IP address ranges: 192.168.xxx.xxx or 172.16.xxx.xxx
Gateway address at both sites
Subnet mask at both sites.
We need to get the external addresses.
Are you planning to have mobile clients? If so we need to plan for either Shrew or OpenVPN clients. What version of pfSense are you planning to run?
What applications are going to run across the VPN tunnel?
Outlook, internal web, etc.
Once we get all that preliminary stuff together, let's get online and then we can start the setup. Then you can assist me to get into the firewalls and I can assist you in getting the configuration locked down.
Just let me know what we got to work with, and we will get you back up and running.
RC
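
A pre-flight check for the information requested above, added here as an example and not posted by anyone in the thread: it validates the two-site address plan and derives the routes for a split tunnel, where only the other building's LAN is sent to the VPN box and internet traffic stays on the existing router. The /24 masks, gateway addresses, VPN-box addresses and tunnel network are assumptions; only 192.168.1.0 and 192.168.2.0 come from the thread.

```python
import ipaddress as ip

# Constructed planning data. Only the two LAN network numbers are from the
# thread; masks, gateways, VPN-box addresses and TUNNEL are assumed values.
SITES = {
    "A": {"lan": "192.168.1.0/24", "gateway": "192.168.1.1", "vpn_box": "192.168.1.2"},
    "B": {"lan": "192.168.2.0/24", "gateway": "192.168.2.1", "vpn_box": "192.168.2.2"},
}
TUNNEL = "10.0.8.0/30"  # hypothetical point-to-point network inside the VPN


def check_plan(sites, tunnel):
    """Return a list of problems that would break routing between the sites."""
    problems = []
    nets = {name: ip.ip_network(s["lan"]) for name, s in sites.items()}
    tun = ip.ip_network(tunnel)
    names = sorted(nets)
    # Site-to-site routing needs distinct LANs; overlapping ranges force NAT.
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"LAN {a} {nets[a]} overlaps LAN {b} {nets[b]}")
    for name, s in sites.items():
        if tun.overlaps(nets[name]):
            problems.append(f"tunnel {tun} overlaps LAN {name} {nets[name]}")
        for role in ("gateway", "vpn_box"):
            if ip.ip_address(s[role]) not in nets[name]:
                problems.append(f"site {name} {role} {s[role]} is outside {nets[name]}")
        if s["gateway"] == s["vpn_box"]:
            problems.append(f"site {name}: VPN box reuses the gateway address")
    return problems


def split_tunnel_routes(sites):
    """Static routes to add on each site's existing router.

    Only the remote LAN points at the local VPN box. No default route
    (0.0.0.0/0) is produced, so internet traffic never enters the tunnel.
    """
    return {
        name: [{"dest": other["lan"], "via": s["vpn_box"]}
               for o, other in sites.items() if o != name]
        for name, s in sites.items()
    }


if __name__ == "__main__":
    print(check_plan(SITES, TUNNEL) or "plan OK")
    for site, routes in split_tunnel_routes(SITES).items():
        for r in routes:
            print(f"site {site} router: route {r['dest']} via {r['via']}")
```

Because the VPN box is not the default gateway at either building, these routes belong on the existing routers (or on the individual hosts) so that replies to the other site find their way back to the tunnel.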