Can pfSense do this (newbie)?

  • Hello,

    I'm looking for a good VPN server and I came across pfSense. Here is what I want to do: I need a VPN server with 1 external interface (public IP for clients to connect) and 3 internal interfaces (different networks). I want the clients to connect to the VPN server and, based on username or certificate, to get into network A, B or C. Can pfSense do this?

    Thank you

  • more info:
    external interface: a.b.c.d (public IP)
    internal interface LAN1: 192.168.1.x
    internal interface LAN2: 10.10.10.x
    internal interface LAN3: 172.16.1.x

    and, based on username or certificate, to get an IP from LAN1, 2 or 3

    Also, is it possible to integrate it with Active Directory? I mean to log in to the VPN using an Active Directory username and password…

  • Yes, this is possible with the "Client-specific configuration" (client-specific pushes)
    and with OpenVPN firewall rules. (Although the firewalling of OpenVPN is currently quite a hack.)

    But you misunderstand that you get an IP out of your 3 subnets. This won't happen. You connect from a different subnet to these private LANs.

    Yes, you can integrate this with Active Directory.
    Read the stickies !,14946.0.html
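
The approach from the reply above, as an added example that is not part of the original thread: each client keeps an address in the tunnel subnet, a per-client file in OpenVPN's `client-config-dir` pins that address and pushes a route to one LAN, and firewall rules keyed on the pinned address enforce the separation. The tunnel subnet `10.8.0.0/24`, `topology subnet` with the server on `.1`, the client names, and the rule tuple format are assumptions made for illustration.

```python
import ipaddress

# Constructed sample values (assumptions, not from the thread):
TUNNEL = ipaddress.ip_network("10.8.0.0/24")   # OpenVPN tunnel subnet
LANS = {                                        # internal networks from the question
    "LAN1": ipaddress.ip_network("192.168.1.0/24"),
    "LAN2": ipaddress.ip_network("10.10.10.0/24"),
    "LAN3": ipaddress.ip_network("172.16.1.0/24"),
}
# certificate common name -> (fixed tunnel IP, LAN the client may reach)
CLIENTS = {
    "alice": ("10.8.0.10", "LAN1"),
    "bob": ("10.8.0.20", "LAN2"),
    "carol": ("10.8.0.30", "LAN3"),
}


def build(clients, tunnel=TUNNEL, lans=LANS):
    """Return (ccd_files, firewall_rules) for the given client mapping."""
    ccd, rules, used = {}, [], set()
    for cn, (ip_text, lan_name) in sorted(clients.items()):
        ip = ipaddress.ip_address(ip_text)
        if ip not in tunnel or ip in (tunnel.network_address, tunnel.broadcast_address):
            raise ValueError(f"{cn}: {ip} is not a usable host in {tunnel}")
        if ip == tunnel.network_address + 1:
            raise ValueError(f"{cn}: {ip} is the server's own tunnel address")
        if ip in used:
            raise ValueError(f"{cn}: {ip} already assigned")
        used.add(ip)
        lan = lans[lan_name]
        # File named after the CN, read from the server's client-config-dir.
        ccd[cn] = (
            f"ifconfig-push {ip} {tunnel.netmask}\n"
            f'push "route {lan.network_address} {lan.netmask}"\n'
        )
        # The pushed route is only a convenience; the firewall rule on the
        # OpenVPN interface is what actually limits the client to its LAN.
        rules.append(("pass", str(ip), str(lan)))
    rules.append(("block", str(tunnel), "any"))  # default deny for the tunnel
    return ccd, rules


if __name__ == "__main__":
    files, fw = build(CLIENTS)
    for name, body in files.items():
        print(f"# ccd/{name}\n{body}")
    for rule in fw:
        print(*rule)
```

The rule tuples are an abstract allow-list to be translated into rules on the firewall's OpenVPN interface; a client can add routes to the other LANs by hand, so only those rules provide the isolation.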