IPsec provides a standards-based VPN implementation that is compatible with a wide range of clients for mobile connectivity and other devices for site-to-site connectivity. It supports numerous third party devices and is being used in production with devices ranging from consumer grade Linksys routers all the way up to IBM z/OS mainframes, and everything imaginable in between.

See also

For general discussion of the various types of VPNs available in pfSense® software and their pros and cons see Virtual Private Networks.

pfSense software supports IPsec with IKEv1 and IKEv2, policy-based and route-based tunnels, multiple phase 2 definitions for each tunnel, NAT traversal, NAT on Phase 2 definitions, a large number of encryption and hash options, and many more options for mobile clients including EAP and xauth.