1 NIC/WAN 2 IPs VPN Gateway/Bridge/Passthrough - Can pfSense do this?



  • First off: I am a total newb to BSD/PF/pfSense/firewalls/etc. So, I am a bit unfamiliar with the correct terminology. Perhaps this question has already been answered and I couldn't find it because I just didn't know what to search for. Please forgive me if that is the case.

    The question is: Can I use pfSense as a remote security gateway such that users connect via VPN (PPTP, L2TP, OpenVPN, etc.) and their requests are sent over the internet on the same NIC (WAN)? Something like what's depicted in the attached picture or:

    +----------+                             +-----------+                +------------+
    |          |                             |           |                |            |
    |          |>>> VPN Tunnel - WAN1/IP1 >>>|           |>>> WAN1/IP2 >>>|            |
    |  Client  |                             |  pfSense  |                |  Internet  |
    |          |<<< VPN Tunnel - WAN1/IP1 <<<|           |<<< WAN1/IP2 <<<|            |
    |          |                             |           |                |            |
    +----------+                             +-----------+                +------------+

    The internet access on WAN1/IP2 could be any supported protocol.

    If this is possible, how would it be accomplished?

    Thanks in advance.
    ![VPN Topology.jpg](/public/imported_attachments/1/VPN Topology.jpg)



  • So basically you're wanting remote VPN clients to go back out of WAN to the Internet? Yeah that's possible, and widely done. Something like running the server-side of a VPN provider, a number of such providers use pfSense.

