The main argument for net-to-net is being able to help them troubleshoot issues as they arise or remote monitoring. But if TrueNAS has a built-in VPN client, for a technology for which I'm already running a server, that seems like the presumptive way to go. Of course, a third option would be to install a client for whatever VPN technology I liked in a jail. It looks like the UDM does support acting as a VPN server or client, but only using L2TP-which pfSense also supports, so I suppose that's a fall-back option. I'm not really intending to do a net-to-net connection I don't really see a reason for them to be on my network (or vice versa). I'm planning to put the remote server at my parents' house, where they have a Unifi Dream Machine. I'm not even sure where you'd enter a username and password, but I'd be planning to use certificate authentication anyway, so that isn't as important. And I'm sure it's do-able, but it just looks like it'd be tedious-import the user certificate, import the pfSense CA, choose the right authentication, cipher, protocol, etc. It's worked well for everything I've needed it for, hence my plan to use it for this project as well. But they didn't, so.Īt home, I have a pfSense box as my router, and it's already running an OpenVPN server-I use it for remote access to my home network when I'm traveling, and I have a couple of other remote systems permanently connected to it. Well, if iX had ever implemented ZeroTier properly (and then left it there), that would have been the way to go-connect both NASs to their own network and I'm set. Give the users the best of worlds, one a link to the recipe as well as a resource for each ingredient. I wish our respective GUIs were linked with more substantial explanations and/or direct links to relevant information - one to a general setup process (which is what iXysystems seems to envision generally) and a line-by-line item set of links to the relevant online definitions of each entry. I agree that there is improvement potential re: the GUI OpenVPN interface. So I wonder if you can get this working with just your gateways as opposed to with the NAS. ![]() but there isn't that much differentiating the two if your task is a simple backup. OpenVPN does have the advantage of greater flexibility re: which ports to open, etc. Thus, I reverted to IPSec, which seems to be as secure as OpenVPN and then suffered a bit until I got it all to work. Then I discovered that OpenVPN doesn't enjoy on-board hardware acceleration like IPSec does for edgerouters (my current set of gateways). ![]() I started to go down the path of OpenVPN to connect two dynamic DNS sites.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |