Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Beginner help, please point me in the right direction

    OpenVPN
    6
    11
    546
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sremick last edited by

      Ok I've tried so many times to get a VPN working and still haven't had success.

      Goal: I want to set up a VPN server on my pfSense box so that I can connect remotely and route all my traffic through my home internet (allowing me to safely use open/unencrypted public wifi). I also need to access internal devices inside my home network.

      I used to do this successfully w/ my Netgear router but I have yet to recreate this same functionality with pfSense, although I know it's there. The leap/increase in setup complexity has just been too much of a hurdle for me to sort out on my own. I've dug through many online tutorials, carefully trying to step through the many steps and make what I think are the right choices but they either aren't my specific usage case or I'm doing something wrong. Even managed to lock myself out of my pfSense box once somehow… that was fun.

      I'll be connecting via the OpenVPN client on Windows for starters, but have confidence once I sort things out I can successfully use Tunnelblick on MacOS and OpenVPN on Android as I managed to do that before w/ the Netgear router. So we can focus on connectivity from a Windows client.

      I have a ddns client working so I need to know where to plug in the public-facing FQDN from ddns. This was not clear from previous attempts.

      Also: my hardware says it has "AES-NI CPU crypto" (AES-CBC,AES-XTS,AES-GCM,AES-ICM) so I want to use that. I am not 100% confident I have that correctly set up, however, as previous walk-through suggested I should see options during the VPN setup that I didn't see.

      No doubt SOMEONE, somewhere, has written a good walk-through for my usage case as I imagine it's quite common. I've just either not managed to find it or not recognized the pfSense terminology that fits what I'm trying to accomplish. So feel free to RTF-whatever and point me to a link. :) But if there isn't a good one, and someone is willing to take this technically-adept-but-frustrated pfSense newbie under their wing for a hand-held walk through I'd certainly appreciate that. :) Thanks!

      pfSense 2.4.3

      1 Reply Last reply Reply Quote 0
      • M
        Makaveli6103 last edited by

        Try following this

        https://www.youtube.com/watch?v=7rQ-Tgt3L18

        1 Reply Last reply Reply Quote 0
        • Derelict
          Derelict LAYER 8 Netgate last edited by

          Are you using the OpenVPN Client Export package to export configurations for your clients?

          https://doc.pfsense.org/index.php/OpenVPN_Remote_Access_Server

          Chattanooga, Tennessee, USA
          The pfSense Book is free of charge!
          DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • S
            sremick last edited by

            I would like to necro my thread and re-visit this. I am going to try working through that video, but first I want to start from a "clean slate".

            My first concern is certificates. I have cruft left over from my previous attempts that I'd like to clean out... but can't seem to. For example:

            Under System / Certificate Manager, under CAs I have one I had tried making "xxxxxxVPN" that it won't let me delete (the xxxxxx here and elsewhere is a vanity name I'm censoring for privacy). Then under Certificates I have:

            webConfigurator default (server cert)
            xxxxxxxxxx (server cert) <---I CAN delete this one, but haven't yet
            xxxxxxxxxxVPN (server cert)
            nnnnn's certificate (user cert)

            So 1 CA and 3 certificates that I can't delete. How do I clean up my previous failed stuff so I can start over clean?

            1 Reply Last reply Reply Quote 0
            • S
              sremick last edited by

              Bump again... still need assistance. Thanks

              1 Reply Last reply Reply Quote 0
              • S
                sremick last edited by

                Bump. Is there anyone willing to assist me on this? Thanks

                chpalmer 1 Reply Last reply Reply Quote 0
                • chpalmer
                  chpalmer @sremick last edited by

                  @sremick said in Beginner help, please point me in the right direction:

                  Bump. Is there anyone willing to assist me on this? Thanks

                  Someone tried and you totally ignored him.

                  Triggering snowflakes one by one..

                  1 Reply Last reply Reply Quote 0
                  • johnpoz
                    johnpoz LAYER 8 Global Moderator last edited by johnpoz

                    Yeah you get a response in like an hour - then don't come back for almost a year, and than ask for help again?

                    And to be honest - there is plenty of documentation on this already, and multiple threads upon threads upon threads...

                    And it really comes down to click through the wizard, export the config - done!

                    So why don't you let us know where your confused in the wizard or in the doc.. Or what is not working after showing us your configuration..

                    https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/openvpn-remote-access-server.html

                    What part of the above link is causing you grief?

                    There is a pinned link in this section that points to all the documentation you should need as well.

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 23.01 | Lab VMs CE 2.6, 2.7

                    1 Reply Last reply Reply Quote 0
                    • S
                      sremick last edited by

                      My apologies. It was not my intention to come off as ignoring anyone. I will spare you the reasons for my absence... valid as they may be, they are irrelevant to this topic. Unfortunately sometimes personal life events take precedent over geek projects.

                      I recognized the long hiatus and my post on 1/22 was meant to attempt to pick up where things left off. I was effectively attempting to follow the instructions in the video Makaveli6103 posted on 4/15/18 but was unable to "reset" things back to a clean start in order to accurately follow them. So my 1/22 post was a response to that. I indeed missed responding to Derelict's later question: yes, I am using the Export package (or will be, once I am able to get to that point).

                      In short: I am trying to clean things up, and remove the remnants of past attempts in order to be able to follow the video tutorial, but it is there that I'm stuck. No doubt the videos and documentation you mention can successfully get me there, but I first need to be able to get to a proper starting point. The videos and documentation assume starting from a virgin, clean starting point, but I have not seen documentation which explains how to remove the incorrect things already there (details in my 1/22 post).

                      1 Reply Last reply Reply Quote 0
                      • johnpoz
                        johnpoz LAYER 8 Global Moderator last edited by johnpoz

                        Just delete whatever vpn server you setup.. Its a simple click of the trash can..

                        delete.png

                        And I didn't mention any videos - follow the guide here on pfsense, not some nonsense video from 5 years ago.. It really is just click click through the wizard.. If you spend more than couple of minutes on it.. Yeah your doing it wrong!

                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                        If you get confused: Listen to the Music Play
                        Please don't Chat/PM me for help, unless mod related
                        SG-4860 23.01 | Lab VMs CE 2.6, 2.7

                        calvinsteel 1 Reply Last reply Reply Quote 0
                        • calvinsteel
                          calvinsteel Banned @johnpoz last edited by

                          @johnpoz why are you trying to setup OpenVPN client. My suggestion is to make a self hosted vpn on your home internet. It may more secure and protect your all devices but not easy to configure. If you have some technical knowledge, then you will do otherwise you need some help. This guide might be helpful for you to configure self hosted vpn. https://www.purevpn.com/what-is-vpn/how-to-get-a-vpn

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post