VPNs and firewalls have become buzzwords for many small businesses. In our opinion, buzzword or not, every company, and home should have some type of firewall with VPN capabilities between their local network, and the outside world. A firewall with a VPN allows you to connect to your business network without opening and forwarding ports that create an unsafe network situation that can be targeted and possibly attacked by bots, and malicious actors.
In a client case we had, they asked us for a cost-effective solution to connect their two offices to form one network. They did not want to pay a monthly fee that some vendors may have. They also wanted a VPN server with clients that would work on both Windows and MACs. With this information, we went to the drawing board and started planning.
For our client’s use case, we selected the pfSense router/firewall software running on Netgate hardware. We chose pfSense due to it not requiring any type of license to operate, and that it natively supports OpenVPN. OpenVPN is also free to use. pfSense is free to use, but the hardware we chose does require a one time purchase, then it is owned entirely by the client. pfSense’s routing rules can get very granular creating a perfect network infrastructure for your companies needs. In this use case, it allowed us to create rules needed for the company that would segment each office by the department and needed printer access. This client also wanted the departments to be able to print to printers at the opposite office. This was doable using pfSense’s routing rules.
The fun part was creating the Site-to-Site tunnel using OpenVPN. To simplify that, we created a VPN connection from one pfSense device to the other pfSense device located at the opposite office. Setting up this tunnel allows the employees to share files and printers over an encrypted connection with no data be leaked to the outside world. This is all done via (SSL/TLS + User Auth). To put it simply, it would be the same as each user actually going to the opposite office, and connecting to the network, all while staying in one location. This is a low-cost project that adds a wealth of tools to the companies arsenal.
Give us a call to build a solution for you: (210) 853-5567
Netgate Hardware chosen: 2x SG-3100
Leave a Reply
Your email is safe with us.