The pfSense Store

Author Topic: How do i archieve this goal? please help  (Read 1297 times)

0 Members and 1 Guest are viewing this topic.

Offline mubin

  • Newbie
  • *
  • Posts: 21
    • View Profile
How do i archieve this goal? please help
« on: October 25, 2007, 12:25:49 pm »
lan -- VPN router -- Pfsense ---adsl modem === Internet ==== adsl modem ---- vpn router --- lan

that  my ideal graph

I want to Ipsec between Those Vpn router

I need pfsense to make my network more secure

Or
this graph

lan --  Pfsense -- VPN router ---adsl modem === Internet ==== adsl modem ---- vpn router --- lan

which one is better

1.If it possible. how do i config pfsense to let my client site get through pfsense and connect to VPN router?

ps. If this sound silly becasue i'm very new

I still need a lot of advice

Sorry for my language i'm not native

Thank for all help



i already test i put my vpn router behind firewall connect lan to wan port on vpn and guess what it connect but
i can't ping through vpn i can't use remote access but if i remove pfsense everything wil work fine so
my guess is i don't know how i config pfsense
- Pfsense already let my Ipsec vpn connect but pfsense
Until now i don't know how to config pfsense i allow my site to site really connected so i can't ping and remote access even share file


Thank you very much
« Last Edit: October 26, 2007, 05:23:35 am by mubin »

Offline Cry Havok

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2791
  • Backup: n. What you should have done yesterday.
    • View Profile
Re: Is this idea possible?
« Reply #1 on: October 26, 2007, 01:44:27 am »
pfSense can do IPSec VPN, so if you're not tied to particular hardware it may be worth just using the pfSense box.

Where to put it, only you can really answer that as it depends on whether you trust the far end of the IPSec VPN or not ;)  Assuming you do, stick it behind the pfSense box and tell the pfSense box to foreward ESP and 500/UDP.  Of course, that may not work (technical limitations) and you may have to put it on front of the pfSense box.
If you're planning on PMing me to ask me to look at a thread, or for individual support, don't.

Offline mubin

  • Newbie
  • *
  • Posts: 21
    • View Profile
Re: How do i archieve this goal? please help
« Reply #2 on: October 26, 2007, 06:22:13 am »
OK now i try putting it in front but
1. I normally ping from site that have pfsense but i can't ping from another site without pfsense it look like pfsense don't let me come in to lan.

Help please thank