Hi, I am a bit new to advanced configuration of pfSense and I have been looking for a secured solution for my users from other locations to login to the head-office infrastructure. I have currently in place pfSense router that manages the head-office network. This network has the main LAN as the main VLan 192.168.10.X upon which the IT management resources and device are hooked unto including Windows Active Directory, DNS, Group Policy Management and File Server services are run. I have two other VLans 192.168.12.X which staff users and 10.10.30.X managers are connected to with routing services and dns by pfSense they are all able to reach the Active Directory for all the services stated above.
Now I have some staff located in other locations of the city which I want to let them connect to the head-office and be able to be managed by Active Directory, have access to the File Server and the other services.
I believe the way to go is to have a VPN in place but once I have pfSense setup, I want the best and secured way to go about this and how to set it up, especially to have one that support 2FA.
Counting on you to have a good setup please.