User avatar
albright_family
Intermediate
Intermediate
Posts: 482
Joined: Sat Oct 22, 2005 10:41 pm
Location: Lakewood, WA
Contact: Send private message

Re: myFirewall4... worth it?

Wed Mar 15, 2017 1:41 am

Curious why you're using IPSEC. My understanding is that these have high overhead. Why not use a SSL based VPN like OpenVPN which I understand has less overhead?
The reason I utilize IPSEC/L2TP is specifically for my line of work. I regularly work with multiple NOC (Network Operations Centers) on VPN tunnels back to corporate offices, and their equipment utilizes VPN with IPSEC/L2TP, when it fails, they try to blame it on the equipment vs something in their configuration. I then with my laptop connected to their device connect to my VPN tunnel at home prove that the equipment (usually a cellular backup device) did in fact establish a VPN tunnel successfully over the requested protocol. This stops their IT in their tracks of saying that I don't know what I am doing. So the reason I utilize it is for work to verify equipment is really capable of running the tunnel, when there is problems establishing their own tunnel. Does that help? I was doing this previously on a Virtual Machine on my server at home, but when my router took a dump, it took the port configurations with it, and I have been unsuccessful in getting things working again. Thus the hard-ware solution.
Maybe I should also ask what platform clients you're using?
Generally I am using my Macbook Pro or my Android phone. I enjoy the built in interface for IPSEC/L2TP for OSX, vs having to run a separate client for VPN services.
I understand that it is frustrating. I'll re-read the thread to see if I missed something, but unless there are issues with the 2.4 (?) build of PFSENSE I do know that IPSEC VPN works with iPhone and OpenVPN also works with the iPhone.
Thank you
Also keep in mind that some of the cell carriers have eliminated IPv4 addressing. This means that you may need to use IPv6 instead. I just ran into this with T-Mobile and IOS 10.2. Apparently the general thought is that no one is using IPv4 anymore and therefore T-Mobile dropped IPV4 support... ARGH!!!!!! Yes, I was still using it. I called and called and called. No one had a clue. I figured it out by doing a lot of troubleshooting and researching. They had no clue to how to fix it either.... Answer was to switch my external presence to IPV6 and that took care of it.

I am willing to help, but we will need to take it offline. Typing all of the conversation back and forth would be too time consuming.
Very much appreciated. I will even give you remote access to the firewall via my computer so that we can work on this together. I will send you my email to correspond with via private message. My hopes is that we can get this working to such a level, that we can make this available to anyone that wishes from Allonis to have an easy to utilize IPSEC/L2TP VPN tunnel.

User avatar
albright_family
Intermediate
Intermediate
Posts: 482
Joined: Sat Oct 22, 2005 10:41 pm
Location: Lakewood, WA
Contact: Send private message

Re: myFirewall4... worth it?

Wed Mar 15, 2017 1:43 am

One more thing. I recall that the PFSENSE manual had more descriptive of a walk through. Did you download the manual and follow their instructions?

You are a licensed PFSENSE owner and can download the manual. Of course, it is for a older version of the software.
I tried following the manual, and that got me just lost. It references to somethings that are not there, and misses somethings that are there. It was not written for this version. It was very easy to follow, but it wasn't written for the version that we utilize. Neither is any of the YouTube videos or online documentation written for the version that we are using.

Return to “myFirewall”

Who is online

Users browsing this forum: No registered users and 1 guest