setting up vpn

  • Hi.
    I am trying to enable vpn on my pfsense and i used this tutorial:

    So far everything is great. So now how can i access my web gui in the internet ?

  • my LAN is:; LAN address:

  • LAYER 8 Global Moderator

    hit your lan IP when you have your vpn connection.. Or if you allowed for dns just hit the pfsense fqdn.

    As long as the local network your vpn from is not 10.10.10 or stepping over that /24 then you should have no issues. I do it almost every day from work.

    My lan IP is, and just hitting it via its fqdn from work network.



  • @johnpoz
    By hit you mean just put my LAN ip address in browser and press ENTER rigth ?

  • LAYER 8 Global Moderator

    Well yeah ;)

    As long as your browser is not setup to use a proxy you should go down the vpn and hit your web gui on pfsense.

  • @johnpoz

    My LAN is and i am trying to connect at Why am i getting this error ?

    Tue Jul 17 09:00:20 2018 OpenVPN 2.3.18 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Sep 26 2017
    Tue Jul 17 09:00:20 2018 Windows version 6.2 (Windows 8 or greater) 32bit
    Tue Jul 17 09:00:20 2018 library versions: OpenSSL 1.0.2l 25 May 2017, LZO 2.10
    Tue Jul 17 09:00:27 2018 Control Channel Authentication: using 'pfSense-udp-1194-teste-tls.key' as a OpenVPN static key file
    Tue Jul 17 09:00:27 2018 UDPv4 link local (bound): [undef]
    Tue Jul 17 09:00:27 2018 UDPv4 link remote: [AF_INET]
    Tue Jul 17 09:00:28 2018 read UDPv4: Net dropped connection or reset (WSAENETRESET) (code=10052)
    Tue Jul 17 09:00:29 2018 read UDPv4: Net dropped connection or reset (WSAENETRESET) (code=10052)
    Tue Jul 17 09:00:33 2018 read UDPv4: Net dropped connection or reset (WSAENETRESET) (code=10052)

  • LAYER 8 Global Moderator

    @ruimiguel said in setting up vpn:

    UDPv4 link remote: [AF_INET]

    How do you think you could connect to a rfc1918 address over the internet?

    If you pfsense is behind a NAT and has rfc1918 on its wan, then you have to set your client to use your actual public IP and port forward the device in front of pfsense to pfsense wan the port your running openvpn on, 1194 as example.

  • @johnpoz
    Ok. Thankx for the heads up.
    1º) For my configuration to work o should have a public ip address on my WAN. Ok

    2º) The solution you just pointed me continue to use vpn rigth ?
    So if yes:
    I understand the soluton you sugest. I only have 1 doubt. How can i set my clients to use my actual public ip address. The problem is whem i export a client i see no option to do this set you pointed.
    Forgive my stupidity, if this is so basic

  • LAYER 8 Global Moderator

    Yes it is always better to have pfsense wan right on the public vs behind a NAT. But in the export util just set what your public is or what some fqdn points to your public is.


Log in to reply