Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Beginner help, please point me in the right direction

    Scheduled Pinned Locked Moved OpenVPN
    11 Posts 6 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sremick
      last edited by

      Ok I've tried so many times to get a VPN working and still haven't had success.

      Goal: I want to set up a VPN server on my pfSense box so that I can connect remotely and route all my traffic through my home internet (allowing me to safely use open/unencrypted public wifi). I also need to access internal devices inside my home network.

      I used to do this successfully w/ my Netgear router but I have yet to recreate this same functionality with pfSense, although I know it's there. The leap/increase in setup complexity has just been too much of a hurdle for me to sort out on my own. I've dug through many online tutorials, carefully trying to step through the many steps and make what I think are the right choices but they either aren't my specific usage case or I'm doing something wrong. Even managed to lock myself out of my pfSense box once somehow… that was fun.

      I'll be connecting via the OpenVPN client on Windows for starters, but have confidence once I sort things out I can successfully use Tunnelblick on MacOS and OpenVPN on Android as I managed to do that before w/ the Netgear router. So we can focus on connectivity from a Windows client.

      I have a ddns client working so I need to know where to plug in the public-facing FQDN from ddns. This was not clear from previous attempts.

      Also: my hardware says it has "AES-NI CPU crypto" (AES-CBC,AES-XTS,AES-GCM,AES-ICM) so I want to use that. I am not 100% confident I have that correctly set up, however, as previous walk-through suggested I should see options during the VPN setup that I didn't see.

      No doubt SOMEONE, somewhere, has written a good walk-through for my usage case as I imagine it's quite common. I've just either not managed to find it or not recognized the pfSense terminology that fits what I'm trying to accomplish. So feel free to RTF-whatever and point me to a link. :) But if there isn't a good one, and someone is willing to take this technically-adept-but-frustrated pfSense newbie under their wing for a hand-held walk through I'd certainly appreciate that. :) Thanks!

      pfSense 2.4.3

      1 Reply Last reply Reply Quote 0
      • M
        Makaveli6103
        last edited by

        Try following this

        https://www.youtube.com/watch?v=7rQ-Tgt3L18

        1 Reply Last reply Reply Quote 0
        • DerelictD
          Derelict LAYER 8 Netgate
          last edited by

          Are you using the OpenVPN Client Export package to export configurations for your clients?

          https://doc.pfsense.org/index.php/OpenVPN_Remote_Access_Server

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          1 Reply Last reply Reply Quote 0
          • S
            sremick
            last edited by

            I would like to necro my thread and re-visit this. I am going to try working through that video, but first I want to start from a "clean slate".

            My first concern is certificates. I have cruft left over from my previous attempts that I'd like to clean out... but can't seem to. For example:

            Under System / Certificate Manager, under CAs I have one I had tried making "xxxxxxVPN" that it won't let me delete (the xxxxxx here and elsewhere is a vanity name I'm censoring for privacy). Then under Certificates I have:

            webConfigurator default (server cert)
            xxxxxxxxxx (server cert) <---I CAN delete this one, but haven't yet
            xxxxxxxxxxVPN (server cert)
            nnnnn's certificate (user cert)

            So 1 CA and 3 certificates that I can't delete. How do I clean up my previous failed stuff so I can start over clean?

            1 Reply Last reply Reply Quote 0
            • S
              sremick
              last edited by

              Bump again... still need assistance. Thanks

              1 Reply Last reply Reply Quote 0
              • S
                sremick
                last edited by

                Bump. Is there anyone willing to assist me on this? Thanks

                chpalmerC 1 Reply Last reply Reply Quote 0
                • chpalmerC
                  chpalmer @sremick
                  last edited by

                  @sremick said in Beginner help, please point me in the right direction:

                  Bump. Is there anyone willing to assist me on this? Thanks

                  Someone tried and you totally ignored him.

                  Triggering snowflakes one by one..
                  Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator
                    last edited by johnpoz

                    Yeah you get a response in like an hour - then don't come back for almost a year, and than ask for help again?

                    And to be honest - there is plenty of documentation on this already, and multiple threads upon threads upon threads...

                    And it really comes down to click through the wizard, export the config - done!

                    So why don't you let us know where your confused in the wizard or in the doc.. Or what is not working after showing us your configuration..

                    https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/openvpn-remote-access-server.html

                    What part of the above link is causing you grief?

                    There is a pinned link in this section that points to all the documentation you should need as well.

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    1 Reply Last reply Reply Quote 0
                    • S
                      sremick
                      last edited by

                      My apologies. It was not my intention to come off as ignoring anyone. I will spare you the reasons for my absence... valid as they may be, they are irrelevant to this topic. Unfortunately sometimes personal life events take precedent over geek projects.

                      I recognized the long hiatus and my post on 1/22 was meant to attempt to pick up where things left off. I was effectively attempting to follow the instructions in the video Makaveli6103 posted on 4/15/18 but was unable to "reset" things back to a clean start in order to accurately follow them. So my 1/22 post was a response to that. I indeed missed responding to Derelict's later question: yes, I am using the Export package (or will be, once I am able to get to that point).

                      In short: I am trying to clean things up, and remove the remnants of past attempts in order to be able to follow the video tutorial, but it is there that I'm stuck. No doubt the videos and documentation you mention can successfully get me there, but I first need to be able to get to a proper starting point. The videos and documentation assume starting from a virgin, clean starting point, but I have not seen documentation which explains how to remove the incorrect things already there (details in my 1/22 post).

                      1 Reply Last reply Reply Quote 0
                      • johnpozJ
                        johnpoz LAYER 8 Global Moderator
                        last edited by johnpoz

                        Just delete whatever vpn server you setup.. Its a simple click of the trash can..

                        delete.png

                        And I didn't mention any videos - follow the guide here on pfsense, not some nonsense video from 5 years ago.. It really is just click click through the wizard.. If you spend more than couple of minutes on it.. Yeah your doing it wrong!

                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                        If you get confused: Listen to the Music Play
                        Please don't Chat/PM me for help, unless mod related
                        SG-4860 24.11 | Lab VMs 2.8, 24.11

                        calvinsteelC 1 Reply Last reply Reply Quote 0
                        • calvinsteelC
                          calvinsteel Banned @johnpoz
                          last edited by

                          @johnpoz why are you trying to setup OpenVPN client. My suggestion is to make a self hosted vpn on your home internet. It may more secure and protect your all devices but not easy to configure. If you have some technical knowledge, then you will do otherwise you need some help. This guide might be helpful for you to configure self hosted vpn. https://www.purevpn.com/what-is-vpn/how-to-get-a-vpn

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.