一、环境说明

名称
WAN
LAN
备注
pf100.example.com
DHCP
192.168.100.1/24
Server
pf200.example.com
DHCP
192.168.200.1/24
Client

PFSense 2.1建立Site to Site Open×××_PESense

PFSense 2.1建立Site to Site Open×××_Site_02




二、服务器端配置
1. ×××-->Open×××-->Server , 点击添加按钮进行服务器配置

PFSense 2.1建立Site to Site Open×××_Site_03


2.General information,选择Server Mode为“Peer to Peer(Shared Key)”
PFSense 2.1建立Site to Site Open×××_PESense_04


3.Cryptographic Settings,勾选“Automatically generate a shared key”

PFSense 2.1建立Site to Site Open×××_PESense_05



4.Tunnel Settings,设置Tunnel Network、Local Networks、Remote Networks值,并勾选“Compress tunnel packets using the LZO algorithm”

PFSense 2.1建立Site to Site Open×××_PESense_06


5. 点击“Save”按钮,保存回退到主界面
PFSense 2.1建立Site to Site Open×××_PESense_07


6.进入Open××× Server 界面,点击编辑按钮,定位到Cryptographic Settings项,复制Shared Key备用。
PFSense 2.1建立Site to Site Open×××_Site_08


三、客户端配置(pf200.example.com)

1.×××-->Open×××-->Client,点击添加按钮进午客户端配置

PFSense 2.1建立Site to Site Open×××_PESense_09


2.General information,选择Server Mode为“Peer to Peer(Shared Key)”,输入Server host IP地址
PFSense 2.1建立Site to Site Open×××_PESense_10


3.Cryptographic Settings,取消勾选“Automatically generate a shared key”,并粘贴Open×××服务器中复制的Shared Key到此处。
PFSense 2.1建立Site to Site Open×××_Site_11


PFSense 2.1建立Site to Site Open×××_PESense_12



4.Tunnel Settings,设置Tunnel Network、Remote Networks值,并勾选“Compress tunnel packets using the LZO algorithm”
PFSense 2.1建立Site to Site Open×××_PESense_13


5.点击“Save” 按钮返回主界面
PFSense 2.1建立Site to Site Open×××_Site_14

四、确认连接信息

1.服务器端 

PFSense 2.1建立Site to Site Open×××_Site_152.客户端
PFSense 2.1建立Site to Site Open×××_PESense_16五、网络测试至完成

1、客户端PING服务器IP段
PFSense 2.1建立Site to Site Open×××_Site_17

2、服务器PING客户端IP段
PFSense 2.1建立Site to Site Open×××_PESense_18