Regarding multiple site VPN and roadwarriors

  • Hello,

    I was wondering if the following would be possible out of the box with pfSense:

    I have 5 sites which I should connect to each other through a VPN. One of the sites would be the 'star point' that all other sites connect to. Users should connect to the site they belong to, as roadwarriors, but once connected they should be able to connect to all servers within all 5 sites.

    Currently all sites are running IPCop boxes, and I don't think I can set this up without fiddling around with config files and doing some manual configuration. I would like to do a setup using the standard web GUI so I can keep it manageable.

    Could pfSense fit the bill for such a setup?


  • Yes it can.
    Take a look at the stickies, as there are how-tos on site-to-site and roadwarrior setups.

    In your case you can have multiple site-to-site connections (Shared Key Infrastructure) (multiple instances on the server),
    or you can have a single server that all clients connect to (Public Key Infrastructure).

    In the second case you can/need to add client-specific commands that automatically add/push the right routes.
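
An added example, not part of the thread: a sketch of what the client-specific route commands from the reply above could look like for the single-server (PKI) case, assuming the VPN is OpenVPN in server mode. The site names and subnets are constructed, and the script refuses to generate anything when two site LANs overlap, since overlapping LANs cannot be routed between sites.

```python
import ipaddress

# Constructed sample topology: one hub ("star point") and four spokes.
# Names and subnets are made up for illustration (assumption, not from the thread).
HUB = ("hub", "10.0.1.0/24")
SPOKES = {
    "site2": "10.0.2.0/24",
    "site3": "10.0.3.0/24",
    "site4": "10.0.4.0/24",
    "site5": "10.0.5.0/24",
}

def _route(net):
    """Format a network as OpenVPN's 'address netmask' pair."""
    return f"{net.network_address} {net.netmask}"

def build_config(hub, spokes):
    """Return (server_lines, {client_cn: override_lines}) for a hub-and-spoke VPN."""
    nets = {hub[0]: ipaddress.ip_network(hub[1])}
    nets.update({cn: ipaddress.ip_network(lan) for cn, lan in spokes.items()})
    # Overlapping LANs cannot be routed between sites; fail before generating.
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                raise ValueError(f"{a} ({nets[a]}) overlaps {b} ({nets[b]})")
    # Server side: a kernel route towards every spoke LAN.
    server = [f"route {_route(nets[cn])}" for cn in spokes]
    overrides = {}
    for cn in spokes:
        # iroute tells the OpenVPN server which client owns this LAN.
        lines = [f"iroute {_route(nets[cn])}"]
        # Push every other site's LAN to this client, never its own.
        lines += [f'push "route {_route(nets[o])}"' for o in names if o != cn]
        overrides[cn] = lines
    return server, overrides

if __name__ == "__main__":
    server, overrides = build_config(HUB, SPOKES)
    print("\n".join(server))
    for cn, lines in overrides.items():
        print(f"\n# client-specific override for {cn}")
        print("\n".join(lines))
```

Each client's override is keyed by its certificate common name; the spoke firewalls still need rules that permit the forwarded traffic.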

