pfSense 2.6.0 is a firewall software used to monitor and control incoming and outgoing network traffic based on predetermined security rules. A virtual private network (VPN) is an encrypted connection over the Internet from one device to a private network or one private network to another private network.
Demo environment (Virtual)
CPU: 64-bit
RAM: 4GB
Disk drive: 10GB
Network interface: 2
Steps for Configure OpenVPN on pfSense 2.6.0
- Create an internal Certificate Authority
- Create an internal Certificate
- Configure OpenVPN
- Create VPN Users
- Install Client Export Package
- Configure Client Access
Create an internal Certificate Authority
1. Open System > Cert.Manager
2. Select CAs and Click Add.
3. Enter the Descriptive name and choose Method Create an internal Certificate Authority.
4. Internal Certificate Authority
- Descriptive name: PFSENSE_CA
- Common Name: internal-ca
- State or Province: Enter State
- City: Enter City
- Organization: Enter Organization
- Organizational Unit: Enter Organization Unit
Create an internal Certificate
5. Open System > Cert.Manager > Certificate and Click on Add/Sign
6. Choose Method Create an internal Certificate Enter a Descriptive name
- Method: Create an internal Certificate
- Descriptive name: VPN_Certificate
7. Internal Certificate
- Select Certificate Authority
- Common Name: VPN_Certificate
8. Certificate Attributes
- Choose Certificate type Server Certificate and click save
Configure OpenVPN
9. OpenVPN > OpenVPN> Wizards
10. Choose Type of Server: Local User Access and click Next.
11. Choose a Certificate Authority (CA) and click Next.
12. Choose a Server Certificate and click Next.
13. General OpenVPN Server Information
- Enter Description: VPN Users
- Leave settings as default
14. Cryptographic Settings
- Leave settings as default
15. Tunnel Settings
- Enter Tunnel Network: 192.168.8.0/24
- Redirect Gateway
- Enter Local Network: 192.168.2.0/24
- Enter Concurrent Connections: 20
16. Client Settings click Next.
17. Firewall Rule Configuration
- Traffic from clients to the server
- Traffic from clients through VPN
18. Click Finish
Create VPN Users
19. Open System > User Manager
20. Select Users and Click Add
21. User Properties
Enter Username, Password, Full name, and tick Click to create a user certificate
22. Create Certificate for User
Enter Descriptive name and choose Certificate authority
23. Click Save
Install Client Export Package
OpenVPN Client Export Package is used as the easiest way to configure an OpenVPN client.
24. Open System > Package Manager
25. Select Available Packages Search OpenVPN and Install.
26. Click Confirm.
27. The installation should start, wait for it to finish.
Configure Client Access
28. Open VPN > OpenVPN > Client Export and download the Open VPN Package
Once OpenVPN Client Export Package is installed, the package is located at VPN > OpenVPN, on the Client Export tab.
29. Install the Package and Open OpenVPN
Note: In this tutorial, we are using Windows 10 Computer
30. Right-click on the icon and click Connect.
31. Enter the Password and Click OK.
32. Check the Connectivity using the ping utility.