Hello,
We just migrated our vpn users to our pfsense firewall. We have dual
firewalls (CARP) and dual wan links - a 3mbit bonded t1 link and a 10mb
dsl link. (not load balanced - a LAN router is determining what is going
to which link)
1. How do we disable a vpn client? Clicking "block" seems to have no
effect whatsoever, and the text on that page suggests you use a
Certificate Revocation List. Where is the CRL on pfsense? All the cert
generation software is on another server, we generated the certs & key
then pasted into pfsense, so there is no easy-rsa etc on the pfsense
firewall (seemed safer to do this on a separate server). Interestingly,
pfsense does not require us to create clients on the client specific
configuration page in order for a client to connect.
2. We want our VPN users to use the 3mb link. After we configured this,
VPN with proto udp stopped working - since the DSL is now the "WAN" link
it appears that what happens is the firewall responds to an incoming udp
packet on the T1 line by sending a response over the WAN (dsl) link. So
we had all our users switch their configs to use the proto tcp. That
worked, but is there a way to do what we are doing here with udp?
- Joel