Create IPSec VPN between Windows Server 2019 and pfSense

Hi everyone,

I’ve successfully created an IKEv2 connection between two Windows Server 2019 Servers.

If I’m correct, it required two pieces of info to establish the connection:

  1. Pre-Shared Key
  2. A Dial-in Account on the remote server.

Now, on pfSense, while creating a P1 IPSec tunnel, it only has a field to enter the Pre-Shared Key and no option to enter the username and password for the dial-in account on the remote server.

Can you tell me what I’m doing wrong here? Or how to establish such a tunnel?

Total noob here, I’m a junior doctor and whatever I’ve learnt is just through Udemy courses, so I apologize for any gross mistakes I could have made.

I’ve been locked out of my clinic because of the COVID-19 quarantine, but I need to access the computers and some other NAS devices at my clinic.

Office Setup:
WAN --> Windows Server 2019 (DC, RRAS, RDP) --> Connects my NAS and Desktop to the internet
(Server 2019 has a public IP on 1 interface).

Home Setup:
pfSense --> Home Server 2019 and other computers.

I’m curious, what kind of purpose would a VPN tunnel serve to a router?

@Rogue-agent I think I can answer your question if I understand what @dr_tech is trying to do. He is trying to connect to his work equipment securely by setting up a VPN tunnel that connects from his home to his clinic. My guess as to why the router is involved is that the VPN server is on the clinic’s router and his home PC is the client.

@dr_tech I can’t quite understand how your network is set up. I have a question that might make things clear to me: is the remote server on your clinic’s network, or are you using a hosting company to host it?

:confused: I thought this could’ve been some nice way to make LAN even more secure, welp hope it works.

@Rogue-agent As I know how networking works, the only way to make your LAN more secure is to implement VLANs and block any ports you are not using.

The Windows Server 2019 (serving RRAS), is owned and hosted by me on a business grade internet connection and is physically within my clinic building.

I am trying to set up a connection to my home router (pfSense) via L2TP to my office router (Server 2019).

So this is more of a site to site VPN between my office and home routers, and not just my home PC trying to connect to office VPN.

Sorry, @dr_tech, I won’t be any help; I don’t have any experience with setting up a site to site VPN. The only advice I could give you is to contact the pfSense helpline, or see if the IT department of the clinic can help you.