Outils pour utilisateurs

Outils du site


Panneau latéral

Menu tree

welcome:pfsense:vpn

Very quick howto to configure a OpenVPN server

  • Create a CA
  • Create a OpenVPN-server certificate with the wizard
    • For connections from an Android devise, set Local Port on 1195 (1194 makes troubles)
    • Replace SHA1 trough SHA256 for algorithme de hachage d'authentification.
    • Into Firewall ⇒ Rules adapt the position of the entry of OpenVPN in order that the traffic won't get blocked by the firewall.
  • Create a user with a “user certificate”
  • Install openvpn-client-export
  • Export the ovpn-file

Import the ovpn-file to setup the config of the client machine. Works without afterwards settings on Android + Fedora.
See https://www.adrienfuret.fr/2016/08/04/pfsense-openvpn/ for example.

Generating a new user certificate

When the previous certificate reaches its end of live.

  • systemusers managementmodify the user
  • certificatesadd
  • give a new descriptive name and a new common name, set the life time as you need
  • VPNOpenVPNclient export
  • download the configuration you need

From Android:

  • import the ovpn-file for creating a new VPN connection
  • it should run in this state, even if connecting can be slow.
  • to speedup the connection procedure:
    • go to IP and DNS and tick replace the DNS, give your domain.tld as a suffix and the LAN-IP of the pfSense as a DNS server
    • under routing, tick redirect all trafic to VPN connection
It seems not to be recessary any more
Could produce issues by reaching adresses from the LAN
welcome/pfsense/vpn.txt · Dernière modification: 2019/12/31 15:29 (modification externe)