Site To Site and Road warrior in 2.0RCX



  • Hi.

    With pfsense 1.2.3 I setup my server for a Road-Warrior and work, I remember that I had to user easy-rsa tools to build my files for each client. But now with pfsense 2.0 we have the certificate manager.

    For the Road warrior, do we still need the easy-rsa tools or we can use the certificate manager to build the keys for each client?

    Last thing, to connect 3 sites(networks) which setup is more strong against attacks:PKI or Shared Key?

    The pfsense machines are protect against physical intruders.

    Any input will be appreciated, thanks  :)



  • It depends where you hold your pki files, but i prefer certificate more than shared secret



  • Thanks Metu69salemi for your input.

    What about the client key's  do we still need to use easy-rsa  ???



  • you could try out in build certmanager


Locked