OpenVPN Config –> Help Needed



  • It seems that the OpenVPN on 1.3 is shaping up nicely.

    Does anyone care to go over a quick step by step config proces for a roadwarrior setup
    I have CA and server certificates set up
    OpenVPN server set up more or less

    For previous versions there were nice tutorials on how to generate certificates and key for the clients, however on version 1.3 I am not clear on how to do that using the Public Key Infrastructure.

    Thanks to anyone willing to help



  • Reading the presentation at bsdcan it seems that 1.3 is going to have a client certificate generation package for openvpn 'a la IPCop'.
    I guess this function is not implemented yet.
    VPN Server seems to be working …. however how do I generate certificates for the clients using the CA defined under the Cert Manager menu at this time?

    I am eager to testdrive this openvpn implementation

    thanks for any kind answers

    Johnny



  • Some time ago I read PFSense team were planning to make something like IPCop's Zerina, It would be very nice to have it in Pfsense, Zerina makes very easy to maintan OpenVPNs, for this reason I'm still using Ipcop.



  • @afrugone:

    Some time ago I read PFSense team were planning to make something like IPCop's Zerina, It would be very nice to have it in Pfsense, Zerina makes very easy to maintan OpenVPNs, for this reason I'm still using Ipcop.

    I would love to use PFSense but the certificates generation is not built-in which makes it harder to utilize.  Zerina's is a snap, I just click on generate certificates and it'll package it for me.  I then just copy the necessary files over to the client PC and volia..I'm done.

    The only thing I can think of the reason they didn't incorporate such feature into PFsense is a security issue.  They probably feel that certificate generation should be done outside the box which is fine then we need a software that we can run to generate them easy as pie.  I've followed some sample instructions on how to generate the keys on a typical linux box and it didn't work.  I tried different things.

    I think Putty can generate the keys but are they compatible with PFSense and OpenVPN in general?

    Darkk



  • Looking at the latest version of 1.3 they finally added certificate management capability and was simply awe how easy it is.

    Really looking forward to it's release in the upcoming months.

    Darkk


Locked