pfSense is a firewall software used to monitor and control incoming and outgoing network traffic based on predetermined security rules. A virtual private network (VPN) is an encrypted connection over the Internet from one device to a private network or one private network to another private network.
Steps for Configure OpenVPN on pfSense 2.5.2
- Create an internal Certificate Authority
- Create an internal Certificate
- Configure OpenVPN
- Create VPN Users
- Install Client Export Package
- Configure Client Access
Create an internal Certificate Authority
1. Open System > Cert.Manager
2. Select CAs and Click Add
3. Enter the Descriptive name and choose Method Create an internal Certificate Authority
4. Internal Certificate Authority
- Descriptive name: PFSENSE_CA
- Common Name: internal-ca
- State or Province: Enter State
- City: Enter City
- Organization: Enter Organization
- Organizational Unit: Enter Organization Unit
Create an internal Certificate
5. Open System > Cert.Manager > Certificate and Click on Add/Sign
6. Choose Method Create an internal Certificate Enter Descriptive name.
- Descriptive name: VPN_Certificate
7. Internal Certificate
- Select Certificate Authority
- Common Name: VPN_Certificate
8. Certificate Attributes
- Choose Certificate type Server Certificate and click save
Configure OpenVPN
9. Open VPN > OpenVPN> Wizards
10. Choose Type of Server: Local User Access and Click Next
11. Choose a Certificate Authority (CA) and Click Next
12. Choose a Server Certificate and Click Next
13. General OpenVPN Server Information
- Enter Description: VPN Users
- Leave settings as default
14. Cryptographic Settings
- Leave settings as default
15. Tunnel Settings
- Enter Tunnel Network: 192.168.8.0/24
- Tick Redirect Gateway
- Enter Local Network: Enter Local Network
- Enter Concurrent Connections: 50
16. Client Settings, click Next.
17. Firewall Rule Configuration
- Traffic from clients to the server
- Traffic from clients through VPN
18. Click Finish to save OpenVPN Configuration.
Create VPN Users
In this step, we are going to create VPN Users.
19. Open System > User Manager
20. Select User and Click Add
21. User Properties
Enter Username, Password, Full name, and tick Click to create a user certificate
22. Create Certificate for User
- Enter Descriptive name and choose Certificate authority
23. Click Save to save user configuration.
Install Client Export Package
OpenVPN Client Export Package is used as the easiest way to configure an OpenVPN client.
24. Open System > Package Manager
25. Select Available Packages Search OpenVPN and Install.
26. Click Confirm.
27. The installation should start, wait for it to finish.
Configure Client Access
28. Open VPN > OpenVPN > Client Export and download the Open VPN Package
Once OpenVPN Client Export Package is installed, the package is located at VPN > OpenVPN, on the Client Export tab.
29. Install the Package and Open OpenVPN
In this tutorial, we are using a Windows 10 PC
30. Right-click on the icon and click Connect
31. Enter the Password and Click OK.
32. Check the Connectivity using the ping utility.