Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense Openvpn using Expressvpn

    Scheduled Pinned Locked Moved OpenVPN
    14 Posts 5 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      Vincent_28
      last edited by

      Hello anyone succeed? Using Express manual configuration, i tried so many version like 2.3.3 , 2.3.5 and 2.4.4
      Any suggestion? to use vpn to create a OpenVPN in pfsense thanks.
      I hope you can help me thanks.

      1 Reply Last reply Reply Quote 0
      • T
        templateunheard
        last edited by

        Sorry, not sure if this helps but I did a while ago (I want to say on pfsense 2.2 or 2.3) and it worked fine.

        V 1 Reply Last reply Reply Quote 1
        • V
          Vincent_28 @templateunheard
          last edited by

          @templateunheard thanks for that.

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by johnpoz

            You shouldn't be thanking anyone that suggests you run your firewall on EOL version.. Period!! Its just plain moronic advice..

            The correct advice is to run current vesion, and work out whatever it is your issue is or perceived to be..

            2 second google found the instructions over on expressvpn for pfsense - and lists steps for 2.4 needed near the end, etc. There should be no reason why this doesn't work on current version.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            V T 2 Replies Last reply Reply Quote 1
            • V
              Vincent_28 @johnpoz
              last edited by

              @johnpoz oh okay thanks for advice.

              1 Reply Last reply Reply Quote 0
              • T
                templateunheard @johnpoz
                last edited by templateunheard

                @johnpoz said in Pfsense Openvpn using Expressvpn:

                You shouldn't be thanking anyone that suggests you run your firewall on EOL version.. Period!! Its just plain moronic advice..

                The correct advice is to run current vesion, and work out whatever it is your issue is or perceived to be..

                2 second google found the instructions over on expressvpn for pfsense - and lists steps for 2.4 needed near the end, etc. There should be no reason why this doesn't work on current version.

                I'm not suggesting he doesn't run the latest version, he asked has anyone here done it and I'm saying that I did a couple of versions of pfsense ago. Def don't think me or my response was "moronic" in any way.

                Not sure how someone can overlook the actual question and lack the most basic understanding of what constitutes giving advice that badly. What you said would have been valid if the topic went like this:
                "Can anyone reccomend a version of pfsense that works with expressvpn?"
                "Yeah, 2.2 or 2.3 works well"

                However, it actually went like this:
                "Has anyone made pfsense work with Expresvpn?"
                %(#3be036)"Yeah I have, I did it on pfsense a couple of versions ago (2.2 or 2.3)"]

                Which means that... moral of the story:
                Me giving my experience of what I did isn't the same as giving advice on the topic.

                By all means shoot me a PM if you need futher clarification, english is a hard subject.

                1 Reply Last reply Reply Quote 0
                • johnpozJ
                  johnpoz LAYER 8 Global Moderator
                  last edited by johnpoz

                  Your advice was BAD - PERIOD! It reads to run EOL versions be it you meant it that way or not.

                  How you should of stated it was - I used it a while back... It works, and left off what version you ran, etc. if you don't specifically recall, etc. The way your post reads is it worked on 2.2. or or 2.3.. In effect telling him to run that version.

                  He stated he had tried multiple version 2.2, 2.3, 2.4 - I was making it VERY CLEAR to only run current code on your firewall.

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                  T 1 Reply Last reply Reply Quote 0
                  • T
                    templateunheard @johnpoz
                    last edited by templateunheard

                    @johnpoz
                    "Your advice was BAD - PERIOD!"
                    Again, it wasn't advice. My post was saying that I've previously done it. When talking about bad choices made during your life does that mean you're giving others advice to do the same thing? nope, of course not so stop acting like I was giving him advice in any way just because you jumped to conclusions.

                    "It reads to run EOL versions be it you meant it that way or not."
                    To any sensible human, recalling past experiences with something doesn't constitute advice in any way, and calling my comment advice or, as you put it, moronoic.

                    "How you should of stated it was - I used it a while back... It works, and left off what version you ran, etc. if you don't specifically recall, etc. The way your post reads is it worked on 2.2. or or 2.3.. In effect telling him to run that version."
                    Again, it reads this way to you. What you should have done is behave like a moderator instead of a child and say that it's a bad idea without calling my (NON-ADVICE) post moronic and no, ofc I don't have to remove my version from my response moronic just incase someone who doesn't understand would mistake that for a version that it works with.

                    "I was making it VERY CLEAR to only run current code on your firewall."
                    I have no problem with this however you were also calling me moronic, a personal attack for advice that I didn't even give based on your not reading the question enough.

                    You're a moderator, start acting like one.

                    1 Reply Last reply Reply Quote 0
                    • B
                      bcruze
                      last edited by bcruze

                      i can't comment for expressvpn. but i have setup multiple other providers, each one is a tad bit different, but i can get them to work on my pfsense box. with multiple tunnels..

                      if you can post a few verb 3 or 4 logs. and post your configuration we should be able to help troubleshoot. screen shots are even better!

                      1 Reply Last reply Reply Quote 0
                      • 4
                        4o4rh
                        last edited by

                        I am using ExpressVPN and it is fine.

                        The only problem i currently have is, i can't have two ExpressVPNs in a fallback config.
                        This has stopped working since 2.4.4, but worked on the previous 2.3.x

                        I have a bug about it here, but there is config info in there you can use.
                        https://forum.netgate.com/topic/144865/still-struggling-with-2nd-vpn-fallback-strange-routing-effect

                        1 Reply Last reply Reply Quote 0
                        • B
                          bcruze
                          last edited by

                          i use the remote host command to reconnect on failure. i know that may not be exactly what you are after :

                          https://openvpn.net/community-resources/reference-manual-for-openvpn-2-4/

                          4 1 Reply Last reply Reply Quote 2
                          • 4
                            4o4rh @bcruze
                            last edited by

                            @bcruze so you are suggesting to use
                            –remote host server1
                            –remote host server2
                            –remote host server3

                            as opposed to
                            Routing, gateway group
                            –server1 Tier 1
                            –server2 Tier 2
                            –server3 Tier 3

                            My only concern with this idea is; how to ensure preference
                            i.e. server are different cities with different latency, so with Tier structure
                            Sydney - Tier 1
                            New York - Tier 2
                            London - Tier 3

                            ExpressVPN drops the connect at least once a day, and sometimes the latency can get quite bad.
                            In 2.3.x I tried using Tier based on latency but found i had problems with video streaming interruptions.

                            I went with Member Down which solved that problem, but from memory it didn't switch back to Tier 1 as soon as Tier 1 was back online. i.e. it stayed on Tier 2 until it reset the connection, then switched back to Tier 1

                            If there was a way to prioritize the remote hosts, then this might work. Although would be better if 2.4.4 actually work they way it did in 2.3.x which functioned as intended

                            V 1 Reply Last reply Reply Quote 1
                            • B
                              bcruze
                              last edited by

                              i assume it connects in the order you put it in the config files.
                              as long as remote - random isn't in the config file (not fully positive)

                              i am NOT an expert in these matters. this is just going on what i have read online. and use myself. i don't use express, the providers i use drop maybe once a few months

                              1 Reply Last reply Reply Quote 0
                              • V
                                Vincent_28 @4o4rh
                                last edited by

                                @bcruze thanks for reference.

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.