On 6/26/2012 5:09 PM, Jim Thompson wrote: >>> 2. If I had a 2nd pfSense box in the sub-office, does pfSense have a way >>> to encrypt/secure the data travelling over the microwave link. I'm >>> thinking something like a VPN - but not sure how to go about this when >>> I'm essentially trying to secure a patch lead. >> >> It's essentially a network-to-network VPN - something like OpenVPN >> would be ideal here. > > OpenVPN: not ideal, but workable. Requires making an IP interface out > of each end (as does IPSEC). If Paul wants to bridge the connection, > neither will help. If he wants to route between the two pfSense boxes, > either will work, through IPSec will offer greater throughput, and > Openvpn is typically easier to setup.
You can bridge with either OpenVPN (in tap mode) or IPsec in transport mode + GIF tunnel. Neither of those work out of the box on 2.0.x though, both work fine on 2.1. You still have to be careful to avoid a mess of conflicting IPs, and of course overloading the bridge with broadcast/multicast, but it can be done. Jim _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
