Overplay OpenVPN on pfSense 2.0 beta - all traffic - how to

jeffnoone

Wanted to create  a pfSense box that connects directly to my ADSL modem and automatically connects to Overplay, and routes all traffic from my LAN to Overplay, using pfSense 2.0 beta.
(I have pfSense 2.0 beta up and running, connected directly to ADSL modem and provided home network Internet access)

I found this tutorial for how to do it using Strongvpn, but it uses 4 files made avaialble by StrongVPN (ca.crt, ovpn059.crt, ovpn059.key and ta.key). The …059 varies with server
http://forum.pfsense.org/index.php?topic=29944.0

From Overplay, I only get two files (overplaycert.crt and overplay - US-West-1.ovpn)
Of course, I have username and PW

I have little or no working knowledge of pfSense, but wanted to use what looked like a detailed guide to get me up and running with Overplay OVPN on pfSense. the advanteage of this tutorial is that it shows me how to create interfaces, firewall entries etc - issues I could not do on my own. Apart from pfSense, I am Windows-based

How can I generate the missing certificates/keys?

Or is there some other way to do this with a Guide or FAQ - link?
The reason I need to do this is that Overplay is far faster than StrongVPN from my location
If this can be done by setting up a PPTP connection instead of Open, any links or guides?

Any help appreciated
Jeff

jimp

You don't generate the keys, the provider should have given them to you. What does the line in the .ovpn file look like that references the .crt file?

yob

Same problem with VyprVPN, only two files : ca.vyprvpn.com.crt and us1.vpn.giganews.com.ovpn

In red the line that references the .crt file

client
dev tun
proto udp
remote us1.vpn.giganews.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
ca ca.vyprvpn.com.crt
tls-remote us1.vpn.giganews.com
auth-user-pass
comp-lzo
verb 3

Xyzzy

The usual implementation of OpenVPN does not use usernames and passwords…it relies on a PKI certificate exchange to authenticate both ends of the link.  But there are other options.

In your case, the line

auth-user-pass

in the config file indicates that client authentication is via username & password rather than PKI certificate exchange (actually, it can be used in addition to PKI, but then you would have the key and cert files in addition to the ca…crt file.)

So the other two files are not needed.

yob

Thanks now everything works  :)

obstler

Could you let me know what exactly you did to get vyprvpn working? maybe a screenshot of the entire openvpn client settings page or something like that?