• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

How to import credentials to activate OpenVPN Client

Scheduled Pinned Locked Moved OpenVPN
5 Posts 2 Posters 532 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • W
    WhiteTiger-IT
    last edited by WhiteTiger-IT Dec 9, 2020, 10:27 PM Dec 9, 2020, 9:56 PM

    I have recently been working with pfSense and it is the first time that I have configured an OpenVPN client in pfSense.
    I need to activate an OpenVPN client.
    They sent me:

    • An opnv file

    or, separately the files for:

    • Authority (ca.crt)
    • Client Cert (My-ID.crt)
    • Client Key (My-ID.key)

    After that they provided me with this information:

    • Remote Address fqdn
    • Port 1194
    • router tun
    • Protocol udp
    • Compress none
    • Local IP 10.x.y.z / 24

    But I didn't understand where and how to insert in pfSense.
    Thanks in advance for the help.
    ==== Update ====
    I did these operations:
    I opened the two crt files with an editor and copied the contents of the key:
    ----- BEGIN CERTIFICATE -----
    key
    ----- END CERTIFICATE -----
    In System/Certificate Manager/Certificates
    and in VPN/OpenVPN/Clients

    Here I then set:
    Protocol = UDP
    Device mode = tun
    Interface = WAN
    Server host or address =the fqdn
    IPv4 Tunnel Network = 10.x.y.z / 24

    Finally I set up a rule in WAN and in OpenVPN

    I think I've done everything right, but in Status/OpenVPN I see it's down.
    Since the configuration is for a Client, I should be the one to activate the connection, but where?

    V 1 Reply Last reply Dec 9, 2020, 10:28 PM Reply Quote 0
    • V
      viragomann @WhiteTiger-IT
      last edited by Dec 9, 2020, 10:28 PM

      @whitetiger-it said in How to import credentials to activate OpenVPN Client:

      Authority (ca.crt)
      Client Cert (My-ID.crt)
      Client Key (My-ID.key)

      These files can be imported using the cert manager. System > Certificate Manager
      The CA on the CAs tab > hit Add, select "import an existing CA" and enter the content of the file in the data box.

      The client cert and key can be imported in the same way, but on the Certificates tab.

      Then go to VPN > OpenVPN > Clients and configure the client based on the information you got and on the ovpn file.
      Since you haven't a username and pw select "Peer to peer (SSL/TLS)" mode.

      Just this one

      Local IP 10.x.y.z / 24

      might be the tunnel network. You should leave this blank. It is given by the server.

      After you have configured the the client go the Interface > Assignments and select the clients instance at "Available network ports:" (like ovpnc1), hit Add, open the interface, set a friendly name and enable it, save the settings.

      Further step depends on what you intend to use the OpenVPN connection.

      W 1 Reply Last reply Dec 9, 2020, 10:44 PM Reply Quote 0
      • W
        WhiteTiger-IT @viragomann
        last edited by Dec 9, 2020, 10:44 PM

        @viragomann
        Thanks for the reply.
        Meanwhile, I had already updated my post with what I did.
        I hadn't activated the interface, which I did after reading your answer.
        Nevertheless in Status/OpenVPN it always remains on reconnecting; ping-restart
        On the server site it appears that I have never connected.

        With this service they should provide me with a Static IP since my ISP gives me a private IP and I cannot reach the servers even with a DDNS

        V 1 Reply Last reply Dec 9, 2020, 10:53 PM Reply Quote 0
        • V
          viragomann @WhiteTiger-IT
          last edited by viragomann Dec 10, 2020, 10:31 AM Dec 9, 2020, 10:53 PM

          @whitetiger-it said in How to import credentials to activate OpenVPN Client:

          Nevertheless in Status/OpenVPN it always remains on reconnecting; ping-restart

          So there may be something wrong in the setup. Since I neither know what you have configured nor what you should configure, there is no way to give hints.
          You may check the OpenVPN log for details what's wrong.

          W 1 Reply Last reply Dec 10, 2020, 9:36 AM Reply Quote 0
          • W
            WhiteTiger-IT @viragomann
            last edited by Dec 10, 2020, 9:36 AM

            @viragomann
            Now it works and I have my Static IP, but another problem arises for which, however, I open a separate topic.
            In the meantime, thanks for the help.

            1 Reply Last reply Reply Quote 0
            1 out of 5
            • First post
              1/5
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
              This community forum collects and processes your personal information.
              consent.not_received