• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Can all LAN devices use remote OpenVPN if pfsense is only client configured?

Scheduled Pinned Locked Moved OpenVPN
2 Posts 2 Posters 529 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • G
    gaza
    last edited by Apr 9, 2017, 11:24 PM

    I connect my linux desktop to a remote openvpn server using

    sudo openvpn –config mycerts.ovpn

    The file mycerts.ovpn has an RSA key, CA cert, client cert, and DH Parameters contained in the file.

    I am trying to connect pfsense to this VPN server using only the credentials in the .ovpn file, and configure so all outbound traffic (from LAN to WAN) goes through an Openvpn interface.  The goal is for any device on my LAN to automatically use the VPN without configuring any client software on each device.

    Is it possible to have pfsense route all traffic through the VPN without doing anything to the devices that connect to the LAN?

    1 Reply Last reply Reply Quote 0
    • D
      duren
      last edited by Apr 10, 2017, 12:09 AM Apr 10, 2017, 12:06 AM

      It is.

      I would start by going back to your VPN provider and looking at their tutorials. Most providers these days have them and there's usually a generic openvpn one disguised as other / ddwrt / openwrt etc. Some providers even have a pfsense specific tutorial.

      I recommend this because they also usually supply the correct parameters specific to them, or even ovpn files you can use as reference in pfsense.

      There is an additional parameters section in the pfsense openvpn client config which override any of the specific settings entered prior. You will be able to paste most of your ovpn stuff in the additional parameters which will be user and perhaps have to give some fake values in the non advanced section to satisfy the UI validation.

      This is the one thing I'd like to see in pfsense: the ability to define a client by linking / uploading an ovpn file from the UI. If you know how to use the advanced parameters, you can actually link to one in there assuming you know how to copy it into the install.

      The one thing I don't recall is if all traffic in the firewall automatically flows through this client because my configuration is to VPN on a per host basis.

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received