Jeremy & Vick,
I'm open to considering an IPSec if that's the best option for this use
case. We're talking about 8 locations starting out, with a 9th office
opening shortly thereafter, and the possibility of going up to a total of
15-20 sites within 1-2 years after that.

When I read https://doc.pfsense.org/index.php/OpenVPN_Site_To_Site, I see
that an OpenVPN setup with SSL/TLS would be the way to go.

I didn't think I would have to setup a new server / port for each remote
office. I thought that, with the SSL/TLS setup, I could have a single
server and configure it so that clients can see & interact with each other.

I have pfSense with OpenVPN in my own office, and seem to recall seeing
this setting in the past.

On Tue, Jun 7, 2016 at 8:02 PM, Vick Khera <vi...@khera.org> wrote:

> On Tue, Jun 7, 2016 at 3:03 PM, David White <dmwhite...@gmail.com> wrote:
>
> > I know that this can be done, but I've never actually done it. Are there
> > some good resources I can review, besides
> > https://doc.pfsense.org/index.php/OpenVPN_Site_To_Site
> >
> > ? For branch offices,
> >
>
> If you can manage it, and the remotes are on static IPs, I'd suggest trying
> IPSec.
>
> If you are going with OpenVPN, then you basically will need to set up one
> "server" per remote, each on its own port number. I like to only open the
> firewall to that port from the IP of the remote that will use it. Depending
> on how many you have and how tight you want it, you could just make an
> alias of all the ports and an alias of all the remote IPs and set up one
> rule to allow all of that at one shot.
> _______________________________________________
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
>



-- 
David White
Founder & CEO

423-693-4234
@developCENTS <https://twitter.com/developcents>
https://developcents.com

*Develop CENTS*
Computing, Equipping, Networking, Training & Supporting for small
businesses and nonprofits
Providing: Web Hosting, Technical Support & IT Consulting

*Signup to our Newsletter at
<https://developcents.com/contact>https://developcents.com/contact/
<https://developcents.com/contact/>*
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Reply via email to