Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Deployment methods for VPN users?

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 3 Posters 901 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F Offline
      fupjack
      last edited by

      I'm curious to know - what have people done for deploying client software/setups for users to connect by VPN?

      We have a Microsoft SSTP VPN set up here that I'd like to replace.  It's very easy to deploy by policy, and I'm curious to see what others have done so I can figure out installing/setting up new clients in perhaps the same way.

      1 Reply Last reply Reply Quote 0
      • KOMK Offline
        KOM
        last edited by

        I use OpenVPN with local user authentication (not AD) here, but you have to create and distribute a unique client package for every user.  You can authenticate against an AD domain, but I've never done it.

        https://doc.pfsense.org/index.php/OpenVPN_with_RADIUS_via_Active_Directory

        1 Reply Last reply Reply Quote 0
        • W Offline
          watts3000
          last edited by

          I am curious why do you want to replace SSTP? Are you having some technical problems. Or do you want to replace it just because it's Microsoft we run SSTP and L2TP and have zero problems.

          1 Reply Last reply Reply Quote 0
          • F Offline
            fupjack
            last edited by

            @watts3000:

            I am curious why do you want to replace SSTP? Are you having some technical problems. Or do you want to replace it just because it's Microsoft we run SSTP and L2TP and have zero problems.

            The machine that supports the SSTP links right now is a virtual machine, and I want to get that traffic/dependency off the network for those VMs.  So, it's either set people up to connect to the pfsense system, or put in real hardware for people to reach.

            A software solution doesn't add (significant) heat to my datacenter - which is why I was hoping for an easy install/deployment.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.