Netgate SG-1000 microFirewall

Author Topic: "PPTP has been removed from 2.3"  (Read 2216 times)

0 Members and 1 Guest are viewing this topic.

Offline ChrisBedford

  • Newbie
  • *
  • Posts: 5
  • Karma: +1/-0
    • View Profile
"PPTP has been removed from 2.3"
« on: May 30, 2016, 01:37:02 am »
OK cool, and I understand why.

But the above-titled sticky topic goes on to say
Quote
We strongly recommend using IKEv2 or OpenVPN

Um yeah but the options available are L2TP, IPSec, and OpenVPN. No IKE. No explanation whether IKE is another name for one of the others, or something completely different which I have to source elsewhere and plug in.

Where do I find more information on which method to choose, and where to start? I keep coming across references to 'The pfSense Book' which was apparently last printed several years ago so I don't think that's a particularly good idea any more.

Please help a frustrated small-network administrator!

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 9212
  • Karma: +1046/-308
    • View Profile
Re: "PPTP has been removed from 2.3"
« Reply #1 on: May 30, 2016, 02:18:12 am »
IKEv2 is IPsec. This is probably the simplest way to set it up for remote access:

https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline ChrisBedford

  • Newbie
  • *
  • Posts: 5
  • Karma: +1/-0
    • View Profile
Re: "PPTP has been removed from 2.3"
« Reply #2 on: June 29, 2016, 08:27:33 am »
IKEv2 is IPsec. This is probably the simplest way to set it up for remote access:

https://doc.pfsense.org/index.php/IKEv2_with_EAP-MSCHAPv2

Faaaark! Thanks, but... faaaark! I took one look at that page and my eyes glazed over. If that's simple, I'd hate to see complex. PPtP was *soooo* easy - but, I suppose, that's why it's not secure.

I've just spent the best part of the day trying to set up OpenVPN which by all accounts is the best choice of the options available. Unfortunately it's not much simpler than the above, and the documentation I have found is incomplete at best. Just can't get enough information to get a working connection going.

Frustrating.

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14420
  • Karma: +1335/-200
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: "PPTP has been removed from 2.3"
« Reply #3 on: July 14, 2016, 04:13:28 am »
what information do you need.  Install the export package, this makes it easy to get the config for your client.  click through the wizard, create a cert for your user..  Bobs your uncle - it really is clickity clickity..

I know for sure there is one guide out there that is just plain WRONG.. It came up in a recent thread in the openvpn section. It shows in the video setting a user cert for the server to use.. That will not work.

What I would suggest is if you have questions on setting up openvpn is create a thread in the openvpn section.  More than happy to step you through the 1 min process of setting up openvpn on pfsense.

Did you look at
https://doc.pfsense.org/index.php/OpenVPN_Remote_Access_Server


- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.3.4_p1 (work)
1x SG-4860 2.4.2-RELEASE (home)