pfSense Wireguard Site-to-Site VPN Setup (3-Way) Tutorial

No video

pfSense Wireguard Site-to-Site VPN Setup (3-Way) Tutorial

Рет қаралды 9,962

Күн бұрын

Welcome to our detailed masterclass on setting up a site-to-site VPN using pfSense and WireGuard, the ultimate guide for both beginners and seasoned IT professionals. This tutorial is meticulously crafted to walk you through every step of creating a secure and efficient site-to-site VPN connection, utilising the robust capabilities of pfSense and the modern, fast WireGuard protocol.
Key Highlights:
👉 Step-by-Step Tutorial: Our guide is packed with clear, step-by-step instructions to ensure you can easily set up your site-to-site VPN.
👉 Expert Insights: Gain invaluable insights from seasoned experts in network security and VPN configurations.
👉 Real-World Scenarios: Learn how to handle common and complex scenarios in setting up site-to-site VPNs.
👉 Interactive Q&A Sessions: Engage with our experts in the comments to clarify doubts or expand your understanding.
What You'll Learn:
👉 Understanding VPNs & WireGuard: Dive into the basics of VPNs and why WireGuard is a game-changer in the field.
👉 pfSense Configuration: Detailed guidance on configuring pfSense for optimal performance and security.
👉 WireGuard Setup: Learn to set up WireGuard on pfSense for a seamless site-to-site VPN experience.
👉 Network Security Best Practices: Essential tips and practices to ensure your VPN is as secure as possible.
👉 Troubleshooting Common Issues: Practical advice on identifying and resolving typical setup challenges.
Who Should Watch?
👉 IT Professionals & Network Administrators
👉 Cybersecurity Enthusiasts
👉 Businesses Seeking Secure Networking Solutions
👉 Anyone Interested in Advanced VPN Setups
Timestamps:
00:00 - Introduction, video purpose
01:20 - Installing WireGuard
02:29 - Initial WireGuard Settings
04:30 - Configuring WireGuard Tunnels
07:25 - WireGuard Firewall Rules
11:00 - Setting up Peers (sites)
19:40 - Adding WireGuard Gateways
23:34 - Adding Static Routes via Gateways
29:04 - Adding a third Site (Site C)
46:19 - Like and Subscribe!
=== SUPPORT OUR CHANNEL ===
Support our channel by joining our KZbin channel membership to donate a small amount each month. Not only does your support help us continue creating content you love, but as a channel member, you'll also enjoy early access to our videos. While our videos are scheduled for regular days and times, becoming a channel member allows you to watch them as soon as they are uploaded. Your support truly makes all the difference!
Channel Membership:
👍 www.youtube.com/@sheridans/join
Patreon:
💳 go.sheridan.uk/patreon
=== GET IN TOUCH ===
📣 Hire Us: Hire us for a Project
go.sheridan.uk/hire
📣 Forums: Discussion on Videos
go.sheridan.uk/forum
📣 Facebook: Follow Us on Facebook
go.sheridan.uk/fb
📣 LinkedIn: Connect with us on LinkedIn
go.sheridan.uk/linkedin
📣 Twitter: Get in touch on X (Twitter)
go.sheridan.uk/x
📣 Website: Our Website
sheridancomputers.co.uk/
===
=== AFFILIATES & REFERRALS ===
This video is NOT sponsored. Some product links are affiliate links which means if you buy something we'll receive a small commission.
Sheridan Computers Swag Store on Amazon:
go.sheridan.uk/swag
🛍️ Amazon Affiliate Store: Products We Use
go.sheridan.uk/amazon
AUDIO AND VIDEO
🎧 AE Juice: animation tools, plugins and presets
go.sheridan.uk/aejuice
CLOUD HOSTING, SERVERS AND STORAGE
☁️ Digital Ocean: VPS & Storage
go.sheridan.uk/ocean
☁️ HostiFi: Cloud UniFi Controllers
go.sheridan.uk/hostifi
☁️ Vultr: VPS & Storage
go.sheridan.uk/vultr
===
#VPN #pfSense #WireGuard #SiteToSiteVPN #NetworkSecurity #Cybersecurity #ITProfessional #VPNSetup #TechTutorial #SecureNetworking
Don't forget to like, share, and subscribe for more in-depth tech tutorials. Hit the bell icon to stay updated on our latest content. Join our community today and revolutionise the way you set up VPNs!

Пікірлер: 47

@Paulser1991 7 ай бұрын

Not sure if this just me but I had better experance also setting the MTU on wireguard interfaces (All Sites) as pfsense wireguard seems fussy from time to time about this. E.g. 1280 (or maybe somthing higher)

@sheridans 7 ай бұрын

I have had issues with this before, my home instance, for example, has both MTU and MSS set to 1420 and hasn't had any issues at all. During testing for this video, it didn't seem to make a difference.

@RoboNuggie 8 ай бұрын

This is gold... I'm going to bookmark this, and use it as a reference guide.... Top stuff Sam!

@sheridans 8 ай бұрын

Cheers buddy

@trevelvin7455 8 ай бұрын

Enjoyed this video. Have seen other pfsense wireguard site to site videos but enjoyed this one as you added a third one, which a lot of people would do later..thanks

@sheridans 8 ай бұрын

Thank you for the kind words, and taking the time to leave feedback Much appreciated 🙏

@eostrike 8 ай бұрын

Thank you for making this video, we'll done.

@sheridans 7 ай бұрын

Thanks for the feedback 👍

@bopal93 8 ай бұрын

Great video. Always love your explanations

@sheridans 8 ай бұрын

Thank you for the kind words

@HuseynBaxshiyev 5 ай бұрын

Thanks !

@sheridans 5 ай бұрын

Welcome!

@allaboutcomputernetworks 5 ай бұрын

Nice tutorial video.👍

@sheridans 5 ай бұрын

Thank you for the kind words, always appreciated to see someone is finding some use out of them 😊

@paulturner968 8 ай бұрын

Outstanding! I finally got my third location added. Thank You!! My only wish is that it would have just gone a bit further and got SiteB & SiteC talking. You mentioned firewall rules and am messing with it but not having success. However, appreciative of the help you provided.

@sheridans 8 ай бұрын

Glad you got it working, I may take a look at getting site b and c talking, it's not something I've needed tbh, as long as everything coupd speak back to main sites that's all i required

@paulturner968 8 ай бұрын

@@sheridans Thank you for your response! Ya, I travel between the three offices quite a bit. I have heard about a 'mesh' solution vs 'hub and spoke', but very hard to find any content on. You might get a lot of views ;)

@user-dd9lp3rp9m 3 ай бұрын

Thank you. great video. I wish this was a mesh setup to provide some redundancy between the three sites as there's almost no content or tutorials on this anywhere on the web. Please think of making a video for a WG mesh setup between 3 sites. Also you've earned a new sub! 👍⭐

@sheridans 3 ай бұрын

Thank you for the sub. You're not the first person yo mention this, will look at covering it

@Wora-dg9hw 6 ай бұрын

Do you have a way for adding other public IP addresses to utilize as backup links when the first one fails at the server site? Thank you in advance.

@walpicarbrasil 6 ай бұрын

Hello, the video is very good, but how do I make the link highly available? I made 2 tunnels and 2 separate pears, to create HA, but the routes only accept one with the same destination, I made automatic routes with OSFP following the DOC, but it didn't work, what would it look like in this case? Could you help me, please?

@sheridans 6 ай бұрын

Thanks for the feedback, appreciated. I'd have to this in all honesty, out of curiosity will try to test this out

@sydplace1540 5 ай бұрын

Hi, can you also please show the physical connection of two different machines. Thanks in advance.

@sheridans 5 ай бұрын

What do you mean by physical connection? Sorry I don't understand

@geepriest 8 ай бұрын

Excellent tutorial Sir... is it possible to access network devices via hostname and not just via IP address?

@sheridans 8 ай бұрын

You can do it in pfsense via dns resolver, tell it to send all requests for youdomain.local for example to a server than can resolver them (ie dc)

@sheridans 5 ай бұрын

Hi, sorry for replying late. youtube comments are hard to spot at best. yes, you can point to a dns server or edit static hosts file.

@Hi5ist 6 ай бұрын

Great video! Still having something wrong... If I test with ping in the pfsense diagnostic tool it works perfect, but it doesn't work if i do ping from y pc, I do research with no success, do yo have some clue?

@sheridans 6 ай бұрын

Have you set the the allowedip setting?

@Hi5ist 6 ай бұрын

@@sheridans Yes, I allowed the wireguard network and my remote site network, the problem is when I try to ping or connect from my Bridge interface as i had one to have 3 ports as a switch in my pfsense box

@aytacdede81 6 ай бұрын

thanks for your video . i would like to ask something in my scheme ; i have 5 sites and each one conected between them using ipsec (site A has a server) so sometimes site A lost internet connection , so i put a new ethernet interface to my site a pfsense but my second internet conection in site A Pfsense coming from a Nat so i cant open port or like something because it is a home user internet . what i want to do : if site a internet down i want to use wireguard vpn to connect all other sites to site A using my second internet connection on it . otherwise ipsec vpn with my first static ip conection ip also working (sorry for my poor english) thanks for your answer

@aytacdede81 6 ай бұрын

i tried to make with openvpn (i installed open vpn cliect to my server then these cliect conecting to my other sites pfsense openvpn server ) but open vpn is not stable and sometimes windows rdp stay with black screen i dont know reason but with ipsec everthing work perfectly . In summary, what I want to do is the following when the main internet of my site A fails to use my dynamic home internet double nat that makes connections using wireguard vpn. I don't think wireguard and pfsense would work pointing to the same lan?

@sheridans 6 ай бұрын

OpenVPN is stable, it's more than likely external factors affecting it

@aytacdede81 6 ай бұрын

@@sheridansfor example?

@peterdee1900 Ай бұрын

I have followed this guide, but clients behine each pfsense firewall can access the subnet of the otherside. What rules are needed to allow clients to talk to each other.

@sheridans Ай бұрын

Have you tried disabling windows firewall on a machine you're trying to access as a test to make sure it's not firewall related?

@peterdee1900 Ай бұрын

@@sheridans I reboot sorted this issue out. Routes where correctly then pushed to the client computers. Thanks!

@sheridans Ай бұрын

@@peterdee1900 Glad you got it working and thank you for the update regarding the reboot