Configure an IPSec VPN client?



  • We're based in China. We'd like to have pfsense run a VPN client from which all internal LAN clients route all our traffic through. I know that an OpenVPN client exists, but OpenVPN, as a protocol, isn't reliable here because it often gets blocked. An IPSec client would work, but so would an L2TP (for our purposes PPTP would work too…)

    Are there any other options beside an OpenVPN client?

    (Another option would be to set up an SSH tunnel on pfsense. Can this be done?)



  • I'm honestly surprised that they can block OpenVPN. We have ours setup so it tries UDP on a weird port –- If that doesn't work it will revert to TCP port 443 so it is very difficult to distinguish from HTTPS.

    Even if you can't make a tunnel with SSH, I'm sure you can make an SSH tunnel back to a server that can handle SSH tunnels. Honestly we stopped handling OpenVPN on PFSense due to everyone being disconnected when the firewall fails over.


Log in to reply