I recently needed to create a new site to site VPN, but there was a few challenges to this. First of all the router of the new site is behind NAT and it would be moved to other physical locations everynow and then. I needed something that works both behind NAT and initiates the connection, that’s when I started to think about wireguard. I have used wireguard in the past, so it wasn’t exactly new to me.

NOTE: Remember to create a backup before you proceed!

1. Start by editing /usr/local/etc/pkg/repos/pfsense.repo and change the first line so it looks like this
   

   FreeBSD: {
     url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
     mirror_type: "srv",
     signature_type: "fingerprints",
     fingerprints: "/usr/share/keys/pkg",
     enabled: yes
   }

   
   Read More →

Den danske ISP Hiper tilbyder sine DSL og Fiberkunder en /48 (65536 net, så det burde være rigeligt) native IPv6 adresser. Hiper tilbyder også at man kan benytte sin egen router i stedet for den Zyxel router de udleverer. For at bruge sin egen router skal man konfigurere sit WAN interface med VLAN 101 tagged. Se mere her https://www.hiper.dk/bredbaand/fiber