Connect pfSense to Windows ISA 2004 VPN using L2TP



  • I need to connect a pfSense box to a remote Microsoft ISA 2004 server using L2TP. The connection needs to be on constantly, but if it can't connect, it then needs to connect to a WatchGuard Firebox.

    Can anyone help me? The main thing is the ISA 2004 connection; the WatchGuard would be incredibly handy.

    Many thanks

    Matt



  • Ahm, remove that IPCOP from your headline  :P
    L2TP won't work. It might be easier to connect to the WatchGuard, but I don't know, as I haven't tried with the ISA2004 yet.



  • Sorry, I have been trying with pfSense and IPCop.

    Can anyone suggest anything that I could install on top that would allow me to do this? Or perhaps another open source firewall that might work?

    Cheers



  • We already have it in head (or at least planned for as it is not tested yet). Stay tuned (though head will be a long way to go before release).



  • Would it work with a pre-shared key with the current setup?



  • I've had an IPsec connection to a WatchGuard x1000 for a little over a month. I'll be posting some screenshots and a basic howto shortly (hopefully this week). I will put up the screenshots first, as soon as I can edit out the important stuff.
    The short answer is yes, IPsec to WatchGuard is possible and, so far, seems quite nice.
    Pay attention to the "advanced" button when setting up the tunnel on the WatchGuard side.
    Remember: both sides require identical settings for protocols, renegotiating timing, and identifiers.
    The default settings do not match between pfSense and WatchGuard.
    This is Monday. I hope to have some images up by Thursday/Friday (depending how my "real" job goes…).

