Have a look to the web of pfSense, in Tutorials, there is a wonderful tutorial
that maybe can help you: OpenVPN road warrier and site to site
http://www.pfsense.com/mirror.php?section=tutorials/openvpn/pfsense-ovpn.pdf
Hope it can help.
Pablo Montoro.
Tim Dickson wrote:
I'll throw in my 2 cents...
I've used PPTP and OpenVPN.
I like the ease of use of OpenVPN to the end user (via the openvpn GUI)
The manuals on pfSense.com walk you through it step by step... so setup
is easy for you as well.
Just click and go! is all the user has to do, and if their connection
drops for whatever reason, it will automatically reconnect for them. I
also like the way it adds the interface rather that tunneling all
traffic. This saves our precious bandwidth on site and lets all the
downloading at home go out their own gateway.
PPTP is nice for the devices that can't support openvpn (such as
pocketpc's), so I use both protocols
-Tim
-----Original Message-----
From: Steven Hodgen [mailto:[EMAIL PROTECTED]
Sent: Monday, June 25, 2007 4:45 PM
To: [email protected]
Subject: [pfSense Support] VPN question
Ok, so I hope you will all forgive my inexcusable use of this list for
questions that aren't 100% specific to pfSense.
Nevertheless, I want to use pfSense to let me create a road-warrior for
our internal Windows domain. So, at some level there are questions
specific to pfSense. Actually, what this message is really about is my
ignorance, and lack of ability to ferret out cogent answers on Google
and searching this list.
Information:
* We have a server running Windows 2003 Standard Edition.
* Another machine running pfSense 1.2 Beta-1
* A Comcast Business WAN with a static IP.
* An internal LAN subnet 192.168.1.0/24
* Another subnet on a different different ethernet port 192.168.2.0/24
used for isolating our internal wireless traffic (we're a school and
kids all use wireless and are not on domain).
* So, we're using three of four available ethernet ports on the firewall
machine.
* I have roaming profiles configured and lots of Group Policy rules.
Questions:
1. What is the best way to configure pfSense so that a road-warrior can
access our LAN domain as if he/she was here (except for speed, of
course).
2. Related to 1: what is the best (balance easy with secure) of the four
choices: IPsec, OpenVPN, PPPoE, PPTP, way to achieve this. Pros/Cons.
Ok, so now I'm going to thank you in advance for putting up with my
questions. Truthfully, I know just about enough about networking and
TCP/IP, etc. to be dangerous. But I learn quickly, and really
appreciate your help.
I hope I gave you all enough information. If there's a specific log or
config file that would help you, please let me know.
--Steven
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
begin:vcard
fn;quoted-printable:Pablo Montoro Esca=C3=B1o
n;quoted-printable:Montoro Esca=C3=B1o;Pablo
org:Amitelo Wireless, S.L., (Amitelo AG Group)
adr;quoted-printable;quoted-printable;quoted-printable;quoted-printable:Pol=C3=ADgono Industrial Alameda.;;c/ Marea Baja, n=C2=BA 33.;M=C3=A1laga;M=C3=A1laga;29006;SPAIN
email;internet:[EMAIL PROTECTED]
title:Telecomunication Engineer
tel;work:0034 951 013 026
tel;fax:0034 952 038 390
tel;home:0034 952 038 962
tel;cell:0034 671 621 263
note;quoted-printable:Pablo Montoro Esca=C3=B1o=0D=0A=
Telecomunication Engineer=0D=0A=
Amitelo Wireless, S.L.=0D=0A=
(Amitelo AG Group)=0D=0A=
=0D=0A=
Phone : 0034 951 013 026=0D=0A=
Mobile: 0034 671 621 263=0D=0A=
Office: 0034 952 038 962=0D=0A=
FAX : 0034 952 038 390=0D=0A=
MSN : [EMAIL PROTECTED]
Skype : pabloamitelo=0D=0A=
Gizmo : pabloamitelo=0D=0A=
=0D=0A=
Amitelo Wireless, S.L.=0D=0A=
c/ Marea Baja, n=C2=BA 33.=0D=0A=
Pol=C3=ADgono Industrial Alameda.=0D=0A=
29006 M=C3=A1laga (SPAIN)
url:http://www.wireless.amitelo.com
version:2.1
end:vcard
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
