Use Case for NetGate
I am new to NetGate and I was wondering whether NetGate/PfSense would satisfy my Use Case below (from what I read, it looks like it will but I want to make sure). Also, I am unsure of what model to buy.
What we want:
- For our office (around 15 ppl), we want users to be able to connect via VPN to our office network
- Once they are connected to our office network, they should be able to access our web server which has some web apps for them to be able to use. This way, these web apps will be secure as they are accessible only if someone connects to our office network
What we do now:
- Right now, we use TP Link and OpenVPN. The problem is that we only have one certificate generated by the router and all our users sue this certificate which is obviously an issue. We want to be able to issue individual certs to users and revoke them at any point if need be
Wouild PfSense satisfy the above use case? Also, what model of NetGate should I buy? Sorry if this is a bit of a novice question!
Gertjan last edited by
For our office (around 15 ppl), we want users to be able to connect via VPN to our office network
Understandable, this is what half the planet was - is doing in 2020. pfSense got you covered.
Once they are connected to our office network, ....accessible only if someone connects to our office network
That's what basic VPN access is all about : using local LAN resource that are otherwise not accessible from the outside. You are covered again.
only have one certificate generated
That router is proposing VPN access for one person, the admin, so he can do what admins do.
pfSense permits you to create as many users as you want, all with individual certs, passwords, whatever.
Also, what model of NetGate should I buy?
The smallest one might be to small, or just right. The biggest might be overkill - or just right.
If you want to do go into the transport business, and have to bring a bottle of milk to the neighbour, I would advise a pair of baskets.
If you need to transports millions of bottles to the other side of the country, I would advise you to invest in a A380 bulk carrier.
So, what are the numbers ;)
You are aware of the fact that you can download pfSense ? It's just an OS, that needs to be installed on a bare bone PC - or even VM, it needs at least two NIC's and your up.
After all, it's just a router/firewall with a lot of options and possibilities. Build in VPN access is just one of them.
your use case sounds like a no-brainer for pfSense.
The hardware choice depends on your WAN bandwidth / VPN bandwidth needs.