bubba198 wrote:Ok forget ASA, how about pfSense? Anyone out there? A modest pfSense VM doesn't take much resources and pfSense itself is super flexible as a firewall so it must work with OVPN server at sonic?
Thakns
pfSense user here and yes, you can easily route your entire LAN (or just specific interfaces, vlans, clients, etc.) over Sonic's OVPN server.
Here are the general steps to do this within pfSense:
- Import your Sonic VPN certs
Configure the Sonic VPN client
Create a VPN interface (e.g. SonicVPN)
Create your LAN firewall rule routing all outbound traffic to the SonicVPN interface (set as the gateway)
Create an outbound NAT mapping (interface = SonicVPN; source = your LAN; NAT address = SonicVPN address)
I'm currently running 2 VPN clients on pfSense - Sonic's and PIA. 75% of my network clients route to Sonic; 25% to PIA based on my current needs.... I might be an FTTN customer but that doesn't mean I trust AT&T.
Speaking of Sonic's VPN, there was a long thread in this forum with lots of good info but looks like it got deleted for some odd reason.