OpenVPN - IPcop to pfSense
-
We currently use an IPcop firewall and would like to move to pfSense for many reasons. I have installed pfSense and am trying to set up OpenVPN as we use it extensively. Our client computers already have VPN access to our network and I'm trying to find a way to connect them to the new firewall without any changes, if possible.
My big hang up is that there are multiple places for certificates and CAs and they don't directly correlate from IPcop. I just need someone to help me match up the info from IPcop to pfSense. Here is what I get from IPcop:
Certificate Authorities:
Root Certificate
Host CertificateFor each clients:
NAME.p12 file
.ovpn file names NAME-to-IPcop.ovpnThe problem is I'm not sure what goes in the Cert Manager CA tab, the Certificate tab, OpenVPN Server and client tabs, etc. I installed the Client Export addon and I have yet to see any of my clients appear there which is telling me that something is not correct. I'm also not able to access the network via OpenVPN yet.
So, if someone could give me some guidance on how to transfer these files into pfSense, that would be wonderful. Thanks!
-
Nobody has gone from IPCop to pfSense?
-
Perhaps you should start setting up pfsense as an openvpn server and create on client which can connect to pfsense openvpn. then you can compare pfsense openvpn config and ipcon openvpn config.
in the cert manager in pfsense you are able to import certs. I don't think there is another possibility to import the certs into pfsense.
If I was you I would import your CA, OpenVPN-Server-cert and a client cert in pfsense.
then setting up an openvpn server on pfsense with the imported certs and then try to connect with an IPcop client config file and the correct certs to pfsense. if that is working than you know what you have to do if you do not like any downtime for your clients. -
That's a good idea and I've messed with it a little bit. What setup in pfSense would be analogous to the roadwarrior setup in IPCop? I guess my issue is that the terminology is different in the two firewalls and so I can't just make an identical setup with my current knowledge.