PFSense to PFsense VPN Apartment Help

Discussion in 'Networking & Security' started by 65Kfosta, Aug 18, 2009.

  1. 65Kfosta

    65Kfosta [H]Lite

    Messages:
    88
    Joined:
    Feb 11, 2009
    So what im trying to do is Setup a VPN between my apartment and my office so i can use my ipphone ect. and work directly on the network.

    But here is the catch. My apartment provides internet so i have no controll over using pfsense as a router.

    My question is there a way i can setup pfsense to be plugged into my switch at the apartment without being the router?

    Thanks Guys
     
  2. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    Not without having access to the primary router of the complex...I'm assuming you are, that you're behind NAT.
     
  3. archivalbackup

    archivalbackup Gawd

    Messages:
    643
    Joined:
    Oct 12, 2007
    If you have a global IP (rare but it happens) you could, otherwise you have to get your own provider.

    If it is work related, and necessary for your job, have them pay for it.
     
  4. Shockey

    Shockey [H]ard|Gawd

    Messages:
    1,994
    Joined:
    Nov 24, 2008
    Cant he just connect to pfsense with a client like the one built into windows? NAT wouldn't matter then and who control the internet won't matter.
     
  5. PedroDaGr8

    PedroDaGr8 Limp Gawd

    Messages:
    489
    Joined:
    Feb 17, 2004
    It's going to depend also on what your aparment's router blocks. For example, I have used cisco VPN client before multiple routers deep no problem, except for one case where I was behind a super restrictive firewall.
     
  6. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    Not necessarily true....we don't know how the primary router is setup, if IP type 47 GRE is allowed to pass through unmolested, etc.
     
  7. Shockey

    Shockey [H]ard|Gawd

    Messages:
    1,994
    Joined:
    Nov 24, 2008
    true forgot about outbound traffic filtering
     
  8. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    That's not really outbound traffic filtering.
    Allowing GRE to pass through NAT is a way that routers will take VPN traffic and basically handle it with kid gloves. VPN traffic does not like NAT at all. It's nothing to do with port forwarding or anything like that. Just a special way to handle that type of traffic.
     
  9. 65Kfosta

    65Kfosta [H]Lite

    Messages:
    88
    Joined:
    Feb 11, 2009
    Well i was wondering how does the built in server vpn connection through windows work? Because i can connect and receive emails ect. directly with the office from my apartment. Could i share the internet through my pc to allow my ip phone to work?
     
  10. keenan

    keenan 2[H]4U

    Messages:
    2,695
    Joined:
    Aug 5, 2009
    IPsec should work fine with NAT-T enabled. If you have to, in mobile client mode.

    OpenVPN will certainly work (with TCP transport) if you set up the work machine (presumably with a public IP or forwardable ports) as the server.