PFSense

OpenVPN Server Profiles

Download Here

  1. Download our OpenVPN Server Profiles and extract the .ZIP
  2. Open up one of the server profile files in a text editor and leave it opened (notepad, gedit etc)
  3. Login to your pfSense Web-UI and navigate to main menu, then System > Certificate Manager > CAs Tab > Click on the +
  4. Give it a Descriptive name. A name that you can identify from the rest of other Certificate Authority inside your pfSense box. For example CELO-Germany etc.
  5. Under Method select Import from Existing Cert Auth.

    Under Certificate date text field, Go to your .OVPN file and copy everything that sits between <ca> and </ca> tag and paste it to the text field (like below) then click on Save
    pfsense-openvpn-ca-cert

  6. Click on VPN menu > OpenVPN > Clients > +Add
  7. Copy the below settings. Enter in the server name/address you would like to set up, the port number and a description for the connectionpfsense openvpn client general
  8. Enter in your VPN username (not your email) and password
    pfsense openvpn client user
  9. Under TLS authentication, Untick “Automatically generate a TLS Authentication Key”
    Go back to your .OVPN file and copy the text between <tls-crypt> and </tls-crpyt>

    Peer Certificate Authority = Select the CA you created in step 5

    Client Certificate = None (username and/or password required)
    Copy rest of the settings from below

    pfsense openvpn client crypto

    pfsense openvpn crypto settings2

  10. Leave all fields blank/default.  Change Compression setting to Omit Preference
    pfsense openvpn client tunnel
  11. Advanced settings should look like belowpfsense openvpn client advanced
  12. Go to Status > OpenVPN. You should see that the openvpn service is up and running with a virtual address assigned etc.
  13. Go to Interfaces > Assign. You should see a new available network interface. Click Add
    pfsense-openvpn-interface
  14. Click on the new Interface name (OPT1) > Copy the below settings.
  15. Click Save > Apply Settings
    pfsense-openvpn-OPT1.
  16. Click on Firewall > NAT > Outbound > Select Manual Outbound NAT > Save > Apply Settings
  17. On the Firewall / NAT / Outbound page > Click on Add
  18. Copy the below settings > Save > Apply Settings
    pfsense-openvpn-NAT-Entry
  19. Reboot PFSense via Diagnostics > RebootOnce rebooted, log back into PFSense and check the status of OpenVPN. If connected, check the connection on a device that is connected to the same network as PFSense.
Updated on June 23, 2020

Was this article helpful?

Related Articles