Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    newbie IPSEC client to network setup

    Scheduled Pinned Locked Moved
    IPsec
    2
    2
    232
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wc2l
      last edited by

      Hi Folks,
      I'm still a pretty new pfSense. I'm finding the need to have local network access from my laptop or ?? when I'm not at home.
      I want to have my laptop to be part of my network. From what I understand, IPsec is the preferred, but no the most easy to setup. I think I need to use IKEv2 standards.
      What I have not found is a step-by-step setup guide.
      I need to setup the Netgate router with pfSense
      Setup the VPN and firewall rules
      Then I need to create the client configuration for the laptops or ??

      Can someone give me some guidance??

      TNX Will

      1 Reply Last reply Reply Quote 0
      • planedropP
        planedrop
        last edited by

        Netgates official documentation for pfSense is the place to start, they have tons of configuration examples that go over things like this.

        However, it's worth noting that it may be easier to setup (and more important easier to setup securely) WireGuard instead of IPsec for this use case, I use WireGuard for remote access and it's been basically perfect.

        The big thing with IPsec is that it's really complex, overly so (and this is coming from someone who knows the ins and outs of IPsec very well and has setup an absolute ton of VPNs with it); so it can be hard to get working if you're knew to it and even harder to make properly secure, so if you go the IPsec route make sure you really understand it and be thorough, it's easy to make a big mistake.

        But again, I'd first encourage using WireGuard for remote access VPNs, unless you need to manage things at scale or have a reason to use IPsec, it would be my choice, I've even used it in corporate settings and it's been extremely reliable.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post