L2TP over IPSec, dynamic IP and Roadwarrior



  • Hi,

    I was unable to find an answer on my Problem in other posts. Hopefully it's not a already solved topic :-)

    Okay what i need is a VPN to my pfSense Box, working with Windows native Client, and for sure not PPTP.
    My idea was to use L2TP over IPSec.

    Do i remember correctly, that therefore no NAT can be done between ISP and pfSense?
    My ISP offers only a dynamic IP. My Client will be on mobile network (UMTS, Hotspot, etc.), so it's dynamic, too.

    DynDns Hostname is registered and running.
    Is it possible or do i need a static ip on my pfsense box?

    Best regards,
    redflag237


  • Rebel Alliance Developer Netgate

    pfSense does not support L2TP+IPsec on 2.0.x or 2.1, so that isn't going to work.

    There was someone here on the forum who wrote a howto for just plain IPsec (no L2TP) from Windows. Search around a bit and you'll find it.

    OpenVPN is the best way to go. It may not be "native" as in pre-installed, but it is by far the best choice. Locking yourself to only what is built into the OS is a bit of a silly requirement these days.



  • @jimp:

    pfSense does not support L2TP+IPsec on 2.0.x or 2.1, so that isn't going to work.

    There was someone here on the forum who wrote a howto for just plain IPsec (no L2TP) from Windows. Search around a bit and you'll find it.

    OpenVPN is the best way to go. It may not be "native" as in pre-installed, but it is by far the best choice. Locking yourself to only what is built into the OS is a bit of a silly requirement these days.

    Do you mean this IPSec and XAuth PSK stuff, which is described for Android and iOS Access?


  • Rebel Alliance Developer Netgate

    I don't recall exactly how they had it set. Details are in the howto here on the forum somewhere.


Locked