Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Start VPN before user login to machine

    Scheduled Pinned Locked Moved OpenVPN
    6 Posts 5 Posters 697 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      piotres
      last edited by

      Hello there,
      Can someone help me to setup OpenVPN on pfSense so it starts before user login to machine? Since everyone start working from home I can not push GPO per machine anymore - users login to VPN after they login to computers.
      We create user for each VPN connection (in pfSense System/User Manager/Users) and then client is installed on user's laptop.

      KOMK bingo600B 2 Replies Last reply Reply Quote 0
      • KOMK
        KOM @piotres
        last edited by

        @piotres I believe that OpenVPN can be run as a service but I have never tried.

        1 Reply Last reply Reply Quote 0
        • bingo600B
          bingo600 @piotres
          last edited by bingo600

          @piotres
          I think you mean start the openvpn on the client machine (Windows) , before logging on to the "Domain".
          So you are not using "Casched Domain credentials".

          I remember Cisco VPN having a "Gina" that did excactly this.

          But have no idea if OpenVPN has something like that.

          To me this seems to be a "Client issue" , not a pfSense issue.
          But someone still might have a tip.

          Seems like there are some good hits if you search for : openvpn windows start before logon
          /Bingo

          If you find my answer useful - Please give the post a šŸ‘ - "thumbs up"

          pfSense+ 23.05.1 (ZFS)

          QOTOM-Q355G4 Quad Lan.
          CPUĀ  : Core i5 5250U, Ram : 8GB Kingston DDR3LV 1600
          LANĀ  : 4 x Intel 211, DiskĀ  : 240G SAMSUNG MZ7L3240HCHQ SSD

          1 Reply Last reply Reply Quote 0
          • P
            Panoptic
            last edited by

            We use SSL/TLS remote access with no user auth and run as a service. This setup works great on a domain as everything just works as if you were on the lan. Just make sure you set your ovpn dns servers to the DCs on your lan.

            P 1 Reply Last reply Reply Quote 1
            • P
              piotres @Panoptic
              last edited by

              @panoptic
              That is a good hint. Thanks!
              How do you setup OpenVPN for remote user? I can not find any useful article online.

              1 Reply Last reply Reply Quote 0
              • K
                knothing
                last edited by

                You can use machine certificates for authentication. Certificates stored in local computer store or slipstreamed into openvpn config file. This makes vpn connection to establish with no authentication prompts.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.