Portal Home > Knowledgebase > Tutorials / Guides > Other OSes > OpenVPN for PfSense

OpenVPN for PfSense

To set up a connection to the OpenVPN proxy.sh tunnels on PfSense, please follow the steps described below.

        1) Access the VPN tab at the top.

        2) Select the Client tab within the OpenVPN settings.

        3) Make sure Disable this client is not selected.

        4) Set the Server Mode to Peer to Peer (SSL/TLS).

        5) Set the Protocol to UDP.

        6) Set the Device mode to tun.

        7) Set the Interface to WAN.

        8) Leave the Local Port blank.

        9) Set the Server host or address to the one shown in your welcome email or panel's product details.

        10) Set the Server port to 1194.

        11) Leave all Proxy fields blank.

        12) Set the Server host name resolution to Infinitely resolve server.

        13) Set the Description to proxy.sh.

        14) Set the Peer Certificate Authority to OpenVPN.

        15) Set the Client Certificate to webConfigurator default.

        16) Set the Encryption algorithm to AES-256 CBC.

        17) Set the Hardware Crypto to No Hardware Crypto Acceleration.

        18) Leave all the Tunnel Settings blank.

        19) Add the following settings in the Advanced configuration:

                auth-user-pass /etc/openvpn-password.txt
                comp-lzo
                cipher AES-256-CBC
                auth SHA512
                tls-client
                verb 1
                ca /etc/proxysh.crt

        20) Login to the pfSense router by shell.

        21) Create a file called /etc/openvpn-password.txt with the following (these should be your VPN credentials):
   
                username
                password

        22) Copy the proxysh.crt file into your /etc/ folder. You can find this file via the download link for OpenVPN configuration files found in your welcome email or your active VPN package product details in the panel (or you can use our configuration files generator).

        23) Confirm everything. You're all set up now. Enjoy!

NB1: If you encounter difficulties to connect with OpenVPN, please try to connect to other servers or try alternative ports, especially more "discreet" ones such as TCP 443 or TCP 80. Please also make sure that the port you are connecting through is fully opened in your firewall/router/network. Below, you will find an aggregate of useful guides and articles that will help you troubleshoot your problems, should you have any.

I cannot find the .ovpn and .crt files necessary for OpenVPN. Where are they?
No matter how hard I try, I cannot succesfully connect to OpenVPN.
I can't access any website through my browser while connected to VPN.
I am connected to the VPN but my IP is not yet hidden. Help!
I am having some kind of other problem. Where can I find some help?
How can I find the local log files of my VPN client?

If you still cannot connect successfully, please open a support ticket and include either a copy of your logs or a screenshot of your configuration and encountered errors. Logs can usually be found in software menus or settings, as well as their directories of installation (.log or .txt files). If you do not include a log or a screenshot, it will be hard for us to help you resolve the issues you have with connecting to our network.

NB2: Depending on your PfSense configuration, you may experience difficulties to connect to our network due to NAT settings. In such case, please try to go to pfSense -> Firewall -> NAT -> Outbound -> Manual Outbound NAT rule generation (AON - Advanced Outbound NAT) and then move all the OPT1 mappings (VPN interface) to the top, especially above the WAN mappings. It should be helpful.
Related Knowledgebase Articles
OpenVPN for DD-WRT (Views: 3734)