Mastering in pfSense VPN - IPSec, L2TP, OpenVPN, OSPF - 2025

Mastering in pfSense VPN - IPSec, L2TP, OpenVPN, OSPF - 2025 free download

Complete OpenVPN Peer-to-Peer (SSL/TLS, Shared Key), IPSec, Remote Access, Site-to-Site, Multisite, in pfSense+ and CE.

In this video training series, I am going to practically demonstrate to you how to configure a Site-to-Site VPN between 2 or more sites/ branches, and interconnection between your head office and branches.

These are 7 parts of the mastering video series.

1- Configure Site-to-Site VPN with a Peer-to-Peer Shared Key VPN tunnel.

2- Convert Peer-to-Peer Shared Key non-security standard VPN tunnel to a “Peer-to-Peer SSL/TLS VPN tunnel”

3- Configure an “IPSec VPN Tunnel” from scratch and interconnect your offices.

4- Configure a Site-to-Multi-Site VPN over SSL/TLS VPN Tunnel how multiple branches can communicate securely with each other and what special configurations are involved.

5- Connect the OPNsense firewall as an OpenVPN client situated in our different branch, show you how to connect your OPNsense as an OpenVPN Client with the pfSense firewall, and establish a site-to-site VPN.

6- pfSense firewall incorporation with Active Directory or LDAP & centrally enhance your OpenVPN security.

7- Configure step-by-step, IPsec Remote Access VPN Using IKEv2 with EAP-MSCHAPv2 authentication method.

Why Site-to-Site VPN?

Site-to-Site allows you to configure only gateways in remote subnets, and you do not need to configure the network nodes themselves. In simple terms, the Site-to-Site method connects two offices to a single network, and the Point-to-Site method connects remote employees to the office. In this video lecture, we will consider an example of connecting two existing networks - physical and virtual.

You can configure your Site-to-Site VPN over the Peer-to-Peer (Shared Key), Peer-to-Peer (SSL/TLS), and IPsec VPN Tunnel.

Please note: OpenVPN has deprecated the “Peer-to-Peer (Shared Key)” mode as it does not meet recent security standards. The shared key mode will be removed from future versions. So, you should convert any existing “Peer-to-Peer (Shared Key)” VPNs to SSL/TLS and avoid configuring any new “Shared Key” OpenVPN instances.

Setting up your pfSense network and satisfying all the prerequisites are fairly very straightforward, if you want to know how to install and configure the pfSense firewall in your network then watch my related video created earlier.

Network Diagram & the Scenario

First, we will discuss all possible network scenarios in detail and identically install and run pfSense firewall 2.7.0, the latest version, at all of our branches.

We will create several sites, “Head Office, Numerous Branch Offices,” or we could have more sites. They might be located in the same city, out of the region, maybe countrywide, or on different continents, but out of your LAN premises.

So how could you be connected to each remote site and access the resources equally the same as you are working in your internal LAN, to deliver timely and effective remote support and share IT resources between the servers, desktops, and printers across the networks?

Nonetheless, if you connect your sites or branches over the “Site-to-Site VPN” then your network will be in your complete control egregiously, you could also enforce the centralized corporate policy to control internet activities, implement Active Directory Group Policies all over your interconnected branches, and so much indefinite viable controls.