Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    X509 Cetificate based L2TP/IPSec VPN

    IPsec
    2
    4
    1792
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      Timpscan
      last edited by

      Hello, I'm wondering if it is possible to configure an L2TP/IPSec using x509 certificates on PFSense without using OpenVPN. I want to use this for my iOS devices, and for multiple systems. However, mainly for my systems. I can run just pure IPSec, which is perfectly fine. But my main concern is the use without an additional client installation needed. So OpenVPN is out of the questions. Any help is greatly appreciated. I'm fairly new to PFSense, but i do understand networking quite well.

      Thank you,

      Tim

      1 Reply Last reply Reply Quote 0
      • D
        dhatz
        last edited by

        Pure IPsec+Xauth and OpenVPN are the only options for remote access VPN (e.g. for smartphones).

        Currently there's no support for IPSEC/L2TP nor IPsec IKEv2.

        1 Reply Last reply Reply Quote 0
        • T
          Timpscan
          last edited by

          Thats a shame i wish there was a way to integrate strongswan that would be perfect. Meanwhile, just lt me know and i'll open a new thread fo rhtis topic, but unter the 2.1 developement version, how is the IPv6 compatibility. Currently i'm running Vyatta  VC6.4-2012.05.31. However, this has many issues, which have yet to be resolved with router advert ect. But i haven't tested pfsense yet. Does everything seem to work pretty good with IPv6, in regards to pfsense routing and router advertisements?

          1 Reply Last reply Reply Quote 0
          • T
            Timpscan
            last edited by

            or even a roadwarrior with x509 would be great. Thats a shame.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post