» pfsense の記事

~ pfsense openvpn with connect to lan network ~

connie 2017.02.15 | pfsense | | 1 Comment

去pfsense -> vpn->openvpn -> wizards

1487131076245

type of server>local User Access

1487131090075

Create CA Cert, Descriptive name 是旦打,全部野可以是旦打,self cert 沒問題

1487131152320

Create Server Cert , 尼個descriptive name 好重要,唔可以打重,可以打IP, 最好打domain ,如果轉左ip可以唔屎gen過張cert

1487131345012

Interface wan , protocol tcp or udp 都得,port 都係,自行開port

1487131468356

Tunnel Network 即係你vpn後的IP subnet,隨意打,唔好同local network撞, local network 就係你要join入去既subnet, 如果唔想vpn後join入lan 就空左佢

1487131515213

1487131596573

1487134672417

1487131616259

之後去Inferface->assign->add opt1or opt2 尼張係openvpn既interface

1487133035213

要enable,同set IPv4 DHCP

1487134625736

Interface->bridge->add->用 shift ctril merge 2張interface (1張係vpn, 1張係local network)

1487133092382

之後add返張bridge左既interface,enable 同 DHCP

1487133107686

firewall 加返bridge 同opt2 既firewall rules set any

1487134701466

之後去download plugin>system>packageManager>available Packages>openvpn-client-export

1487131644388

之後去system>user>maneager>users到開vpn acc

1487131728177

記得click create cert

1487131747374

之後返去vpn->openvpn->export client->standard config->archive 整個dl就行

1487131797156

~ pfsense port forward ~

connie 2016.09.27 | pfsense | | No Comments

1)Enable NAT relection mode

System>advanced->firewall/nat>nat

enable (pure nat)

tick on enable nat reflection for 1:1 nat

tick on automatic outbound nat for relection

1474946878447

2)forward port

Firewall>nat>port forward

1474946921867

| HOME |