Remote VPN Advice?
-
I have a working site-to-site IPsec VPN between two pfSense CE routers. I'd like to add remote VPN access for my Android phone. I hope to be able to reach both Site A and Site B networks from my phone.
Would it be best to create this remote VPN to Site A router using IPsec? Or is there an advantage to use OpenVPN instead? Once connected to Site A with either method, should I be able to see Site B? Thanks.
-
@XrayDoc88 No suggestions anyone?
-
@XrayDoc88
It should work with either VPN.
However, I don't use IPSec for my road warriors, so I can't tell for sure.
But I have multiple IPSec site-to-site connections and OpenVPNs for the remote access and I can tell you, that the remote clients can access all remote sites (they're allowed to) smoothly. -
@viragomann Thank you. Will I have to set up a remote OpenVPN server on each pfSense box, or will one OpenVPN connection to site A allow me to see the site B network as well?
-
@XrayDoc88
Of course I was talking about the OpenVPN server only on one site.In the IPSec you have to add a phase 2 for the OpenVPN tunnel network on either site.
In the OpenVPN server settings you have to enter the local subnets of both sites into the "local networks" box, in case if you haven't "redirect gateway" enabled. -
@viragomann Thank you. I'm brand new to VPNs, so still don't completely understand how they work or interact with each other. I'll try setting up the OpenVPN tunnel to one pfSense box tomorrow. I'll then take a look at the phase 2 settings for the IPsec tunnel. I'm assuming I'll add completely new phase 2 settings for the android phone in order to see the two separate site-to-site networks? I may have more questions once I get into the "thick of things". :)
-
OpenVPN can be configured for smartphone use and set up to access a NAS at home or what have you.
