Tag Archives: FreeBSD

FreeBSD firewall with Strongswan building site to site vpn tunnel – sample

I recently has upgraded the FreeBSD version to 13 and found that the IPSec site to site between FreeBSD 13 to Juniper SRX is not working anymore. Strongswan is ditching the ipsec.conf and move to swanctl.conf. If we are moving to the vici, this requires some effort to translate the config.

I have attached the quick and dirty sample to build a Policy based site to site IPSec vpn with Strongswan. Enhancement is required for production.
The sample is suitable for the following:
– policy based VPN
– using PSK.
– source vpn termination point is NATTed and behind a internet gateway.
– dynamic public IP address for source vpn termination point.
– dynamic destination IP address for the remote IPSec VPN termination point. (required the DNS lookup for the source vpn termination point.)
– multiple VPN termination points from the same source public IP address are allowed.

Continue reading →

Install FreeBSD into a headless machine using serial console cable

Leave a reply

I have received a checkpoint firewall that has 2GB of ram and running a D525 CPU. I was thinking what can i do with it. Then i start doing the project that has been in my mind for a long time, which is to use FreeBSD as a firewall.

There is a main purpose of using FreeBSD is I want to use it as a bandwidth control device. Therefore, I start setting up the FreeBSD firewall before I get into the bandwidth control. Long story short, let s dive into the headless FreeBSD installation.

Continue reading →

network notes blog

A place to share a bit of everything of computing, networking, virtualization and anything an IT guy would do with his spare time.

Tag Archives: FreeBSD

FreeBSD firewall with Strongswan building site to site vpn tunnel – sample

Install FreeBSD into a headless machine using serial console cable