Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Importing existing Linux OpenVPN setup

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 666 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W Offline
      whitwye
      last edited by

      Hi,

      What does it take to import an existing OpenVPN setup? This is one where we need to keep it coordinated with Linux servers which will remain in use in various locations. We use easy-rsa to manage the certs, and coordinate them by rsyncing them to the satellite systems. Will this integrate with pfSense? Or is it going to be so awkward that setting up a VM behind pfSense would be required? We'd rather have OpenVPN in pfSense if we can, so that access is available as long as pfSense – which we're installing to a failover pair -- is up at all.

      Thanks,
      Whit

      1 Reply Last reply Reply Quote 0
      • D Offline
        divsys
        last edited by

        You haven't described what connects to what in this setup.
        Is a Linux server acting as an OpenVPN server and other boxes connect as clients?
        Any Windows clients?
        How many boxes/connections are we talking about?
        Is it a full mesh setup?
        Have you designated a single server or other system as the "Keeper of the Certificates"?

        In general it shouldn't be too tough to migrate over to pfSense fairly seamlessly.
        Should be a matter of importing the required CA and (possibly a new) Cert for the pfSense OpenVPN server.

        Then it's a matter of copying in the settings from the existing config into a new OpenVPN server instance under pfSense.
        Personally, for one server, I would hand enter the settings from the old OpenVPN server's config into the pfSense GUI.
        Better error checking and less chance of something "odd" happening.

        -jfp

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.