Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    1 NIC/WAN 2 IPs VPN Gateway/Bridge/Passthrough - Can pfSense do this?

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    2 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wescleveland
      last edited by

      First off: I am a total newb to BSD/PF/pfSense/firewalls/etc. So, I am a bit unfamiliar with the correct terminology. Perhaps this question has already been answered and I couldn't find it because I just didn't know what to search for. Please forgive me if that is the case.

      The question is: Can I use pfSense as a remote security gateway such that users connect via VPN (PPTP, L2TP, OpenVPN, etc.) and their requests are sent over the internet on the same NIC (WAN)? Something like what's depicted in the attached picture or:

      +–--------+                             +-----------+                +------------+
      |          |                             |           |                |            |
      |          |>>> VPN Tunnel - WAN1/IP1 >>>|           |>>> WAN1/IP2 >>>|            |
      |  Client  |                             |  pfSense  |                |  Internet  |
      |          |<<< VPN Tunnel - WAN1/IP1 <<<|           |<<< WAN1/IP2 <<<|            |
      |          |                             |           |                |            |
      +----------+                             +-----------+                +------------+

      The internet access on WAN1/IP2 could be any supported protocol.

      If this is possible, how would it be accomplished?

      Thanks in advance.
      ![VPN Topology.jpg](/public/imported_attachments/1/VPN Topology.jpg)
      ![VPN Topology.jpg_thumb](/public/imported_attachments/1/VPN Topology.jpg_thumb)

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        So basically you're wanting remote VPN clients to go back out of WAN to the Internet? Yeah that's possible, and widely done. Something like running the server-side of a VPN provider, a number of such providers use pfSense.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.