This is a walkthrough of how to set up an IPsec VPN on pfSense 2.3.3.
Go to VPN -> IPsec:

Go to Mobile Clients tab:
- Enable IPsec Mobile Client Support
- User Authentication: Local Database
- Check: Provide virtual IP address to clients – 172.16.32.1/16
- Provide a list of accessible networks to clients << Needed to reach external from remote clients
- Provide DNS server list to clients
- Server #1: 192.168.1.1 << This should be your DNS server or pfSense box
- Save
- Apply Changes

Create Phase 1:
- Authentication Mode: Mutual PSK + Xauth
- Peer Identifier: User Distinguished Name: vpnusers@pfsense.com
- Pre-shared Key: <USEYOUROWN>
- Encryption Algorithm: AES – 256 bits
- Save
- Apply Changes

Phase 2 Settings:
- Description: MobileIPsecP2
- Encryption Algorithm: AES <Auto>
- Hash Algorithm: SHA1
- Save
- Apply Changes

System – User Manager:
- Add: Username + Password
- Save
- Edit
- Effective Privileges – Add: User – VPN: IPsec xauth Dialin
- Save

Firewall Rules:
- IPsec Interface: Allow IPv4 <Any> to LAN net

That’s it, the IPsec VPN should be up and running!
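
A quick sanity check of the address plan from the Mobile Clients step, written as an added example (not part of the original walkthrough or of pfSense). The function name `check_mobile_plan` is hypothetical, and the LAN subnet 192.168.1.0/24 is an assumption inferred from the DNS server address above.

```python
import ipaddress


def check_mobile_plan(pool, lan, dns_servers):
    """Return a list of findings for a mobile-client address plan.

    pool        -- virtual address pool as typed in the GUI, e.g. "172.16.32.1/16"
    lan         -- LAN network behind the firewall (assumed value in the demo)
    dns_servers -- DNS servers pushed to clients
    """
    findings = []
    pool_if = ipaddress.ip_interface(pool)
    pool_net = pool_if.network            # enclosing network of the pool
    lan_net = ipaddress.ip_network(lan)

    # A pool typed with host bits set still spans the whole prefix for
    # routing and overlap purposes, so report the enclosing network.
    if pool_if.ip != pool_net.network_address:
        findings.append(
            f"pool {pool} has host bits set; enclosing network is {pool_net} "
            f"({pool_net.num_addresses} addresses)"
        )

    # Clients must not be handed addresses that collide with the LAN.
    if pool_net.overlaps(lan_net):
        findings.append(f"pool network {pool_net} overlaps LAN {lan_net}")

    for dns in dns_servers:
        addr = ipaddress.ip_address(dns)
        if addr in pool_net:
            findings.append(f"DNS server {dns} sits inside the client pool")
        elif addr not in lan_net:
            findings.append(
                f"DNS server {dns} is outside LAN {lan_net}; it must be covered "
                "by the accessible-network list pushed to clients"
            )
    return findings


if __name__ == "__main__":
    # Values from the walkthrough; the LAN subnet is an assumption.
    for finding in check_mobile_plan("172.16.32.1/16", "192.168.1.0/24",
                                     ["192.168.1.1"]):
        print("NOTE:", finding)
```
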