Are you confused about how to set up a pfSense Site to Site VPN?

Just a few changes of the configuration in both the end can setup pfSense Site to Site VPN.

At Bobcares, we receive requests regarding the pfSence part of Server Management Services.

Today, let’s discuss this error in detail and see how our Support Engineers fix it easily.

How to setup pfSense Site to Site VPN

To set up the pfSense site to site VPN, we need to have access to both network interfaces. Let us discuss how our Support Engineers setup pfSense site to site VPN.

Phase 1 on pfSense local network

1. Firstly, we login to the pfSense local interface.

2. Then, we click on VPN > IPSec and click on + Add P1. We add the Remote Gateway and Description.

3. Now, we create a Pre-Shared Key. In Phase 1 Proposal (Authentication), we enter the key in the Pre-Shared Key field.

Finally, we click save and apply the changes.

Phase 2 on pfSense local network

Here, we need to create the second phase.

1. Initially, we click on + Show Phase 2 entries. Then we click on + Add P2.

2. We choose Network in Local Network and enter the subnet of the local network.

3. After that,  we choose Network at Remote Network and enter the subnet of the remote network.

4. Now, in Phase 2 Proposal (SA/Key Exchange), we select AES Encryption in Encryption Algorithms.

5. In the Hash Algorithm, we select SHA1 and select the PFS key group bit.

6. Also, we enter the pfSense Remote Location’s IP Address. Finally, click on Save and Apply changes.

Now, we need to make the changes in the setting as well.

1. For that, we click on Firewall > Rules > IPsec. Then, we click on Add.

2. Again, we change the protocol to Any and select the source as Network.

3. Then, we enter the Subnet of pfSense Remote Location and enter the Description.

Finally, click on Save and Apply changes.

Phase 1 on pfSense remote network

1. Firstly, we login to the pfSence remote interface.

2. Then we click on VPN > IPSec and click on + Add P1 and add the Remote Gateway and Description.

3. In Phase 1 Proposal (Authentication), we enter the key in the Pre-Shared Key field. Also, we leave the remaining as default.

Finally, we click save and apply the changes.

Phase 2 on pfSense remote network

Here, we need to create the second phase in the remote.

1. Firstly, we click on + Show Phase 2 entries. Then we click on + Add P2.

2. We choose Network in Local Network. And, we enter the subnet of the local network (In this case remote).

3. Then, we choose Network at Remote Network and enter the subnet of the remote network (in this case local).

4. Now in Phase 2 Proposal (SA/Key Exchange), we select AES Encryption in Encryption Algorithms.

5. In the Hash Algorithm, we select SHA1 and select the PFS key group bit.

6. Also, we enter the pfSense local Location’s IP Address. Finally, click on Save and Apply changes.

Now, we need to make the changes in the setting as well.

1. Initially, we click on Firewall >> Rules >> IPsec. Then we click on Add.

2. We change the protocol to Any. Then we select the source as Network.

3. After that, we enter the Subnet of pfSense Remote Location and enter the Description.

Finally, click on Save and Apply changes.

[Need assistance to set up pfSence? – Our Support Engineers will help you.]

Conclusion

In short, we have discussed that configuration is done from local and remote. Also, we have discussed how our Support Engineers setup pfSense site to site VPN.