I have setup a Windows Server 2019 RRAS VPN server which works internally.
I’m trying to get this to work from the outside using Windows 11 built-in VPN client and I’m not getting much joy - largely due to my lack of understanding of pfSense.
I have looked at various pfSense documents and other online articles but not had much success.
Our WAN interface only has 1 public facing IP address available to us so I thought port forwarding could work.
Am I able to achieve this with my current setup?
I’m aware pfSense has its own VPN options but we are looking to use the same setup we have in another office of ours.
The only difference with that setup is the pfSense in that location has HAProxy setup and we do have more than 1 public facing IP available to us.
When I setup Windows client VPN and have the server address as my external IP address of my WAN interface, I’m unable to establish a VPN connection.
Regarding your last comment, if I lock this port down to our remote office will this not prevent our users to connect from home? Or have I misunderstood you?
OK, so the connection is not being made. So this is not a routing issue quite yet. Must be a forwarding issue on your gateway. Check the forwarding ports and possibly the FW rules on the windows box. Logs are your friend.
I thought you were just using this to link offices together. Using your windows 2019 server as a VPN gateway is a really bad idea in my opinion. I recommend you put your VPN server in a VM or container. That is the safest approach.
As the connection is not being made, I’m not sure I will find anything in the logs.
As I’m able to connect internally I’m assuming the FW rules on the Windows server are set right. As a test I did disable Windows firewall but still couldn’t connect from outside.