In fact, I have to provide, as best practice (and it makes sense), all details about: what I would like to do, where I am, what the configuration is. So I have prepared a message in French with all of these things and all the pictures of the current configuration ... I think I have around 8 to 10 pictures, and the pictures of the pfSense interfaces are also in French 😁, and I spent several hours writing it, with some links to existing messages (I performed some searches), but without success. I am missing something.
But you are right, I am pretty sure that the answer is in existing messages, I will perform a new lookup on this section you provided.
It's very simple, but I have never done it, and like everybody I want the solution without effort and fast too ...
I will also check ... whether there is a how-to section.
Peer to peer, TLS
UDP on v4
<your WAN interface>
server host: Your Server
server port 443 (that is really strange - udp/443 isn't something normally used but maybe CG does it)
no proxy settings
do not retry
use a TLS key
peer CA: import the ca.crt from CG
peer CRL -> none
client cert: import the client.crt and the client.key
disable NCP (CG config doesn't include it)
Auth digest: SHA256
leave tunnel network blank (none given in the config)
leave remote network
compression: omit preference (as the CG file has comp-lzo -> that's not that nice because of VORACLE)
topology net30 (I assume from your screenshot when dialed in (.62 -> .61) that they still use net30)
leave the rest
set gw creation to v4 only
verbosity level 3
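
The remarks above about comp-lzo, udp/443, NCP and topology can be checked against a provider profile before its values are typed into the pfSense client form. This is an added example, not part of the original posts or of pfSense; the profile text, the host name and the function names are constructed for illustration.

```python
# Added example. SAMPLE_OVPN is a constructed profile, not the provider's real file.
SAMPLE_OVPN = """\
client
dev tun
proto udp
remote vpn.example.net 443
auth SHA256
comp-lzo
; legacy comment style
<ca>
(constructed placeholder, certificate body omitted)
</ca>
"""

COMPRESSING = {"lzo", "lz4", "lz4-v2"}  # "compress" algorithms that really compress


def parse_directives(text):
    """Map directive -> argument list, skipping comments and inline <ca>/<cert>/<key> blocks."""
    directives, inline = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if inline:  # inside an inline block: ignore until its closing tag
            if line == f"</{inline}>":
                inline = None
        elif line.startswith("<") and line.endswith(">"):
            inline = line[1:-1]
        elif line and line[0] not in "#;":
            name, *args = line.split()
            directives[name] = args
    return directives


def audit(text):
    """Return findings worth checking before the values go into the pfSense client form."""
    d, findings = parse_directives(text), []
    # A bare "comp-lzo" means adaptive compression; only "comp-lzo no" turns it off.
    if "comp-lzo" in d and d["comp-lzo"] != ["no"]:
        findings.append("comp-lzo enables compression (VORACLE exposure)")
    if COMPRESSING & set(d.get("compress", [])):
        findings.append("compress enables compression (VORACLE exposure)")
    if d.get("proto") == ["udp"] and d.get("remote", [])[1:2] == ["443"]:
        findings.append("udp/443 is an unusual port/protocol pair")
    if "ncp-ciphers" not in d and "data-ciphers" not in d:
        findings.append("no cipher negotiation list in the profile")
    if "topology" not in d:
        findings.append("topology not stated; confirm it after connecting")
    return findings
```

Calling `audit(SAMPLE_OVPN)` returns four findings for the constructed profile; a profile with `comp-lzo no`, a cipher list and an explicit topology returns none.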