Need help setting up VPN on OPT interface
-
I have been doing some research on this particular problem and haven't found much that applies to my scenario. The scenario is as such:
pfSense 1.2.2 running on 2x PowerEdge 850 1U servers using Master/Backup CARP solution. We host several customers' servers on the OPT interfaces of our pfSense firewalls. Both firewalls are identical in spec including NICs. The NICs user are the onboard broadcom NICs and a quad port Intel NIC in each server. Intel NICs have virtual interfaces defined by VLAN. We have a customer on a VLAN'd interface isolated from our LAN. We want to keep it that way. Our customer has a need for connecting one of their 4 locations to their servers in our facility via VPN. The customer has a m0n0wall WRAP board running 1.236.
Our LAN is 192.168.10.0/24 and our virtual IP for both firewalls is 192.168.10.1 and the master is at 192.168.10.2 and the backup is at 192.168.10.3.
The customer's subnet in our network is on an OPT interface tagged VLAN 60 and the subnet is 192.168.60.0/24.
We have available public IPs to NAT to the OPT interface if need be and the remote end has a static IP address. The remote site is 10.0.0.0/8 (a little extraenous for at 10 user site :P).
What are the optimal settings for setting up an IPsec VPN between the remote site and our client's equipment on the OPT interface?