Categories
Uncategorized

Back on (tunnelled) IPv6

On principle, I dislike not being able to present my Internet-facing services over IPv6. The reasoning is simple: Unless services exist that use IPv6, ISPs have no reason to provide it. I’m obviously microscopic in this context, but I’m doing my thing to help the cause. As mentioned earlier, I first experimented with Hurricane Electric’s […]

Categories
Uncategorized

IKEv2 IPsec VPN with pfSense and Apple devices

Part 2: Apple VPN clients (Part 1) In the first part, we configured the pfSense firewall to allow clients to establish secure VPN connections to it. Now we’ll look at what needs to be done to get the clients to actually connect. Specifically, we’ll create an Apple configuration profile that we can deliver to devices […]

Categories
Uncategorized

IKEv2 IPsec VPN with pfSense and Apple devices

Part 1: pfSense configuration For a long time I’ve been content running a simple SSH gateway into my network, since I was severely bandwidth-limited. The connection was secured in a number of ways I consider a sort of best practice: no remote login for the root account, key based (as opposed to password based) logon, […]