I have set up a couple of pfSense boxes to handle a site-to-site VPN, and I was wondering if someone could help me lock it down.
I had to put an allow-all rule on the WAN interface for the public IP at each site, otherwise the VPN would not connect. I tried several variations and port combinations following the pfSense guides, but I couldn't get it working.
I'm using OpenVPN. I'm quite happy with how easy it was to set up, and the performance is very good.
Services I have over the tunnel are:
File sharing (I have a domain share set up and syncing through the tunnel, but I also want another file server to be accessible through the tunnel in emergency situations)
Exchange server
DNS
Active Directory
I was going to try only allowing certain services through the tunnel, but there doesn't seem to be any interface for the OpenVPN tunnel (if I set up an IPsec tunnel, it shows up as an interface that I can create filters on).
TIA.