UPDATE 2021-03-18: Netgate has decided to remove WireGuard from pfSense for the time being. I'm going to leave these instructions here for when WireGuard returns.
These instructions previously only described how to route traffic from a pfSense router through an AlgoVPN using IPsec. With version 2.5 pfSense supports WireGuard, which makes using pfSense with an AlgoVPN easier.
Some advantages of using WireGuard with pfSense:
-
Configuring WireGuard is easier than IPsec.
-
No changes to the AlgoVPN server or scripts are required. In order to avoid these changes NAT must be used on pfSense. NAT is always used by an AlgoVPN.
-
Policy Routing can be used to determine at a more granular level what traffic gets sent over the tunnel.
For instructions see Using an AlgoVPN with pfSense using WireGuard.
Some advantages of using IPsec with pfSense:
-
The extra layer of NAT is not required.
-
Works with versions of pfSense prior to 2.5.
For instructions see Using an AlgoVPN with pfSense using IPsec.