Beginner help, please point me in the right direction
-
Ok I've tried so many times to get a VPN working and still haven't had success.
Goal: I want to set up a VPN server on my pfSense box so that I can connect remotely and route all my traffic through my home internet (allowing me to safely use open/unencrypted public wifi). I also need to access internal devices inside my home network.
I used to do this successfully w/ my Netgear router but I have yet to recreate this same functionality with pfSense, although I know it's there. The leap/increase in setup complexity has just been too much of a hurdle for me to sort out on my own. I've dug through many online tutorials, carefully trying to step through the many steps and make what I think are the right choices but they either aren't my specific usage case or I'm doing something wrong. Even managed to lock myself out of my pfSense box once somehow… that was fun.
I'll be connecting via the OpenVPN client on Windows for starters, but have confidence once I sort things out I can successfully use Tunnelblick on MacOS and OpenVPN on Android as I managed to do that before w/ the Netgear router. So we can focus on connectivity from a Windows client.
I have a ddns client working so I need to know where to plug in the public-facing FQDN from ddns. This was not clear from previous attempts.
Also: my hardware says it has "AES-NI CPU crypto" (AES-CBC,AES-XTS,AES-GCM,AES-ICM) so I want to use that. I am not 100% confident I have that correctly set up, however, as previous walk-through suggested I should see options during the VPN setup that I didn't see.
No doubt SOMEONE, somewhere, has written a good walk-through for my usage case as I imagine it's quite common. I've just either not managed to find it or not recognized the pfSense terminology that fits what I'm trying to accomplish. So feel free to RTF-whatever and point me to a link. :) But if there isn't a good one, and someone is willing to take this technically-adept-but-frustrated pfSense newbie under their wing for a hand-held walk through I'd certainly appreciate that. :) Thanks!
pfSense 2.4.3
-
Try following this
https://www.youtube.com/watch?v=7rQ-Tgt3L18
-
Are you using the OpenVPN Client Export package to export configurations for your clients?
https://doc.pfsense.org/index.php/OpenVPN_Remote_Access_Server
-
I would like to necro my thread and re-visit this. I am going to try working through that video, but first I want to start from a "clean slate".
My first concern is certificates. I have cruft left over from my previous attempts that I'd like to clean out... but can't seem to. For example:
Under System / Certificate Manager, under CAs I have one I had tried making "xxxxxxVPN" that it won't let me delete (the xxxxxx here and elsewhere is a vanity name I'm censoring for privacy). Then under Certificates I have:
webConfigurator default (server cert)
xxxxxxxxxx (server cert) <---I CAN delete this one, but haven't yet
xxxxxxxxxxVPN (server cert)
nnnnn's certificate (user cert)So 1 CA and 3 certificates that I can't delete. How do I clean up my previous failed stuff so I can start over clean?
-
Bump again... still need assistance. Thanks
-
Bump. Is there anyone willing to assist me on this? Thanks
-
@sremick said in Beginner help, please point me in the right direction:
Bump. Is there anyone willing to assist me on this? Thanks
Someone tried and you totally ignored him.
-
Yeah you get a response in like an hour - then don't come back for almost a year, and than ask for help again?
And to be honest - there is plenty of documentation on this already, and multiple threads upon threads upon threads...
And it really comes down to click through the wizard, export the config - done!
So why don't you let us know where your confused in the wizard or in the doc.. Or what is not working after showing us your configuration..
https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/openvpn-remote-access-server.html
What part of the above link is causing you grief?
There is a pinned link in this section that points to all the documentation you should need as well.
-
My apologies. It was not my intention to come off as ignoring anyone. I will spare you the reasons for my absence... valid as they may be, they are irrelevant to this topic. Unfortunately sometimes personal life events take precedent over geek projects.
I recognized the long hiatus and my post on 1/22 was meant to attempt to pick up where things left off. I was effectively attempting to follow the instructions in the video Makaveli6103 posted on 4/15/18 but was unable to "reset" things back to a clean start in order to accurately follow them. So my 1/22 post was a response to that. I indeed missed responding to Derelict's later question: yes, I am using the Export package (or will be, once I am able to get to that point).
In short: I am trying to clean things up, and remove the remnants of past attempts in order to be able to follow the video tutorial, but it is there that I'm stuck. No doubt the videos and documentation you mention can successfully get me there, but I first need to be able to get to a proper starting point. The videos and documentation assume starting from a virgin, clean starting point, but I have not seen documentation which explains how to remove the incorrect things already there (details in my 1/22 post).
-
Just delete whatever vpn server you setup.. Its a simple click of the trash can..
And I didn't mention any videos - follow the guide here on pfsense, not some nonsense video from 5 years ago.. It really is just click click through the wizard.. If you spend more than couple of minutes on it.. Yeah your doing it wrong!
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 23.01 | Lab VMs CE 2.6, 2.7 -
@johnpoz why are you trying to setup OpenVPN client. My suggestion is to make a self hosted vpn on your home internet. It may more secure and protect your all devices but not easy to configure. If you have some technical knowledge, then you will do otherwise you need some help. This guide might be helpful for you to configure self hosted vpn. https://www.purevpn.com/what-is-vpn/how-to-get-a-vpn
