Pfsense and openvpn for new users tutorial <– with Site-To-Site now
-
cheers,
i have written a tutorial for users new to pfsense and OpenVPN, since
i can't attach it here, you may download it from my homepage (under [doc])
at:
www.uplinksecurity.deThis document is still BETA, it would be nice if some of you folks could
verify the tutorial and post corrections, mistakes, additions or whatever
right here.best regards
Gino "dairaen" ThomasHey Guys
The Link to this article is no longer working
http://www.uplinksecurity.de/data/pfsense-ovpn.pdf
Could the owner please update the link
Thanks
EDIT:
I already mailed him. No answer.
In the meantime you can find it here:
http://www.pfsense.org/mirror.php?section=tutorials/openvpn/pfsense-ovpn.pdfAlso note that on page 21 is a typo.
The field "Interface IP" should be 192.168.10.0/24 and NOT 192.168.1.0/24 -
Both of these documents are wrong.
You should not be assigning the tunX interface at all. pfSense handles all this behind the scenes by itself.
We fixed a number of bugs so you should be on the most recent snapshot.
-
noted, will be fixed in the next release, can you provide more info what changed
or should not be done as described in the existing documentation? -
Just leave out all parts that mention tunX
-
i will fix that this evening.
-
Just try to follow your own tutorial after you removed the tunX references. if it's working it'S most likely correct ;)
-
As it may seem stupid to ask:
Yes I saw, that pfSense did tun0 behind the scenes, but how are one supposed to create filters on that IF if it is not assigned? That was my problem first hand as I was configuring OVPN and I couldn't create any rules on the tun0 IF until I added it manually as dairaen describes, too.
While that was a few weeks ago, things may be different now, so I hope you'll enlighten me :)
-
i am going to check that tomorrow with the newest snapshot
-
You do not create filters on OpenVPN for 1.0. This has been covered already in the OpenVPN threads on this forum.
-
cheers,
updatet the documentation with the suggestions of Mr. Ullrich, and as expected
everything works fine after doing that. Pfsense can handle the tun0 stuff by itself
so everything is even easier now.Download the latest version from:
http://www.uplinksecurity.de/data/pfsense-ovpn.pdfAgain, please check the document if you can find anything thats
not easy to understand, i will try my best to fix it so that really
everybody can install pfsense and ovpn by following it.for the mods:
if theres nothing to change anymore, i will remove the BETA text
so you may add it to the tutorials section if you like to.best regards
dairaen -
You do not create filters on OpenVPN for 1.0. This has been covered already in the OpenVPN threads on this forum.
Wha….?
News to me. :) I've been adding tunX as an interface and assigning rules on mine. Oopsie! Time to go fix my configs again.
-
updatet the documentation with the suggestions of Mr. Ullrich, and as expected
everything works fine after doing that. Pfsense can handle the tun0 stuff by itself
so everything is even easier now.I scanned through it rather quickly but everything looks good at first glance.
I'll let someone more experienced with OpenVPN chime in, I just knew that tunX stuff was wrong.
-
removed the BETA tag, everything works as supposed here with that configuration.
-
updated the tutorial, Hernan Maslowski submitted "Easy-RSA on Windows",
you can download the latest Version at:http://www.uplinksecurity.de/data/pfsense-ovpn.pdf
mods, please add this to the tutorial section, you may link
directly if you like to. -
On page 15, Firewall: Rules
there is still an OVPN1 tag. On my system there is no tag, is this generated automatically? Or have you still assigned the tun interface? This is not possible any more and causes problems.
-
damn, i already cutted that, how the f*** does it made it in there again!?
Thanks, naturally thats crap. I fixed it.
-
dairaen
Nice work on the documentation, I wish it would of been around before I set it up (would of made it easier).
This will be very helpfull for users who want to setup Openvpn on Pfsense. -
cheers,
new version online, since ppl still seem to have
problems with OpenVPN i added "Site-to-Site" VPN, any volunteers
are welcome to verify the new section. -
sorry, uploaded a wrong version, please download again if you did,
a screenshot and some ip-adresses were wrong. -
Thanks for doing this! I have posted this to the tutorials section. Just let me know when to update it.
