» pfsense の記事

去pfsense -> vpn->openvpn -> wizards

type of server>local User Access

Create CA Cert, Descriptive name 是旦打，全部野可以是旦打，self cert 沒問題

Create Server Cert , 尼個descriptive name 好重要，唔可以打重，可以打IP, 最好打domain ,如果轉左ip可以唔屎gen過張cert

Interface wan , protocol tcp or udp 都得，port 都係，自行開port

Tunnel Network 即係你vpn後的IP subnet,隨意打，唔好同local network撞, local network 就係你要join入去既subnet, 如果唔想vpn後join入lan 就空左佢

之後去Inferface->assign->add opt1or opt2 尼張係openvpn既interface

要enable,同set IPv4 DHCP

Interface->bridge->add->用 shift ctril merge 2張interface (1張係vpn, 1張係local network)

之後add返張bridge左既interface,enable 同 DHCP

firewall 加返bridge 同opt2 既firewall rules set any

之後去download plugin>system>packageManager>available Packages>openvpn-client-export

之後去system>user>maneager>users到開vpn acc

記得click create cert

之後返去vpn->openvpn->export client->standard config->archive 整個dl就行

1)Enable NAT relection mode

System>advanced->firewall/nat>nat

enable (pure nat)

tick on enable nat reflection for 1:1 nat

tick on automatic outbound nat for relection

2)forward port

Firewall>nat>port forward

– Configuration>Networking<Add Networking…

– Virtual Machine

– Create a vSphere standard swtich , without select any physical lan card

– Change Network Label

– Then create a VM, with the pfsense live CD, and add WAN LAN, and Vlan CARD and setup

-NAT Client add to the Vlan CARD, and check internet connection

– use nat client login to the pfsense web GUI and change DHCP IP