PFSense VPN Tunnel Use

  • PFSense VPN Tunnel Use

    Here have been testing much on the home network these days. Historically have utilized VPN tunnels with Smoothwall. I have since gone to using PFSense and am still learning. Most recently updated the box to something with a bit more CPU. That said, I also now have 10 network interfaces to allow for multiple WAN and LAN connections, which works for me.

    Relating to Homeseer and using a VPN tunnel I can:

    1 - connect to the Homeseer web GUI via a WAN link / VPN tunnel such that I do not have to open up any ports to access Homeseer

    2 - Utilize Homeseer touch via VPN which works better for me.

    The step by step is easy if you go slow with it but can get a bit overwhelming if you do not understand the basics of the PFSense firewall and VPN in general.

    PFSense allows for 4 methodologies of VPN tunnels:

    1 - IPSec
    2 - L2TP
    3 - OpenVPN
    4 - PPTP

    IPSec VPN

    Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host).

    Internet Protocol security (IPsec) uses cryptographic security services to protect communications over Internet Protocol (IP) networks. IPsec supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption), and replay protection.

    IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite, while some other Internet security systems in widespread use, such as Transport Layer Security (TLS) and Secure Shell (SSH), operate in the upper layers at the Application layer. Hence, only IPsec protects any application traffic over an IP network. Applications can be automatically secured by IPsec at the IP layer. Without IPsec, the protocols of TLS/SSL must be inserted under each application for protection.

    Attached is the GUI for the IPSec section. Easy peasy; just a few settings and you are good to go.

    Will detail configuration of the PFSense box and a client shortly.
    Last edited by Pete; August 26th, 2014, 05:20 PM.
    - Pete

    Auto mator
    Homeseer 3 Pro - (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb- Mono 6.8X
    Homeseer Zee2 (Lite) - (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro - Mono 6.8X
    HS4 pro - - Ubuntu 18.04/W7e 64 bit Intel Kaby Lake CPU - 32Gb - Mono 6.8X

    X10, UPB, Zigbee, ZWave and Wifi MQTT automation. OmniPro 2, Russound zoned audio, Smartthings hub, Hubitat Hub, and Home Assistant