Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense and openvpn for new users tutorial <– with Site-To-Site now

    Scheduled Pinned Locked Moved OpenVPN
    37 Posts 12 Posters 62.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dairaen
      last edited by

      cheers,

      i have written a tutorial for users new to pfsense and OpenVPN, since
      i can't attach it here, you may download it from my homepage (under [doc])
      at:
      www.uplinksecurity.de

      This document is still BETA, it would be nice if some of you folks could
      verify the tutorial and post corrections, mistakes, additions or whatever
      right here.

      best regards
      Gino "dairaen" Thomas

      Hey Guys

      The Link to this article is no longer working

      http://www.uplinksecurity.de/data/pfsense-ovpn.pdf

      Could the owner please update the link

      Thanks

      EDIT:
      I already mailed him. No answer.
      In the meantime you can find it here:
      http://www.pfsense.org/mirror.php?section=tutorials/openvpn/pfsense-ovpn.pdf

      Also note that on page 21 is a typo.
      The field "Interface IP" should be 192.168.10.0/24 and NOT 192.168.1.0/24

      1 Reply Last reply Reply Quote 0
      • S
        sullrich
        last edited by

        Both of these documents are wrong.

        You should not be assigning the tunX interface at all.  pfSense handles all this behind the scenes by itself.

        We fixed a number of bugs so you should be on the most recent snapshot.

        1 Reply Last reply Reply Quote 0
        • D
          dairaen
          last edited by

          noted, will be fixed in the next release, can you provide more info what changed
          or should not be done as described in the existing documentation?

          1 Reply Last reply Reply Quote 0
          • S
            sullrich
            last edited by

            Just leave out all parts that mention tunX

            1 Reply Last reply Reply Quote 0
            • D
              dairaen
              last edited by

              i will fix that this evening.

              1 Reply Last reply Reply Quote 0
              • H
                hoba
                last edited by

                Just try to follow your own tutorial after you removed the tunX references. if it's working it'S most likely correct  ;)

                1 Reply Last reply Reply Quote 0
                • JeGrJ
                  JeGr LAYER 8 Moderator
                  last edited by

                  As it may seem stupid to ask:

                  Yes I saw, that pfSense did tun0 behind the scenes, but how are one supposed to create filters on that IF if it is not assigned? That was my problem first hand as I was configuring OVPN and I couldn't create any rules on the tun0 IF until I added it manually as dairaen describes, too.

                  While that was a few weeks ago, things may be different now, so I hope you'll enlighten me :)

                  Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

                  If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                  1 Reply Last reply Reply Quote 0
                  • D
                    dairaen
                    last edited by

                    i am going to check that tomorrow with the newest snapshot

                    1 Reply Last reply Reply Quote 0
                    • S
                      sullrich
                      last edited by

                      You do not create filters on OpenVPN for 1.0.  This has been covered already in the OpenVPN threads on this forum.

                      1 Reply Last reply Reply Quote 0
                      • D
                        dairaen
                        last edited by

                        cheers,

                        updatet the documentation with the suggestions of Mr. Ullrich, and as expected
                        everything works fine after doing that. Pfsense can handle the tun0 stuff by itself
                        so everything is even easier now.

                        Download the latest version from:
                        http://www.uplinksecurity.de/data/pfsense-ovpn.pdf

                        Again, please check the document if you can find anything thats
                        not easy to understand, i will try my best to fix it so that really
                        everybody can install pfsense and ovpn by following it.

                        for the mods:
                        if theres nothing to change anymore, i will remove the BETA text
                        so you may add it to the tutorials section if you like to.

                        best regards
                        dairaen

                        1 Reply Last reply Reply Quote 0
                        • N
                          Numbski
                          last edited by

                          @sullrich:

                          You do not create filters on OpenVPN for 1.0.  This has been covered already in the OpenVPN threads on this forum.

                          Wha….?

                          News to me. :)  I've been adding tunX as an interface and assigning rules on mine.  Oopsie!  Time to go fix my configs again.

                          1 Reply Last reply Reply Quote 0
                          • S
                            sullrich
                            last edited by

                            @dairaen:

                            updatet the documentation with the suggestions of Mr. Ullrich, and as expected
                            everything works fine after doing that. Pfsense can handle the tun0 stuff by itself
                            so everything is even easier now.

                            I scanned through it rather quickly but everything looks good at first glance.

                            I'll let someone more experienced with OpenVPN chime in, I just knew that tunX stuff was wrong.

                            1 Reply Last reply Reply Quote 0
                            • D
                              dairaen
                              last edited by

                              removed the BETA tag, everything works as supposed here with that configuration.

                              1 Reply Last reply Reply Quote 0
                              • D
                                dairaen
                                last edited by

                                updated the tutorial, Hernan Maslowski submitted "Easy-RSA on Windows",
                                you can download the latest Version at:

                                http://www.uplinksecurity.de/data/pfsense-ovpn.pdf

                                mods, please add this to the tutorial section, you may link
                                directly if you like to.

                                1 Reply Last reply Reply Quote 0
                                • C
                                  cracker
                                  last edited by

                                  On page 15, Firewall: Rules

                                  there is still an OVPN1 tag. On my system there is no tag, is this generated automatically? Or have you still assigned the tun interface? This is not possible any more and causes problems.

                                  1 Reply Last reply Reply Quote 0
                                  • D
                                    dairaen
                                    last edited by

                                    damn, i already cutted that, how the f*** does it made it in there again!?

                                    Thanks, naturally thats crap. I fixed it.

                                    1 Reply Last reply Reply Quote 0
                                    • S
                                      SFM
                                      last edited by

                                      dairaen

                                      Nice work on the documentation, I wish it would of been around before I set it up (would of made it easier).
                                      This will be very helpfull for users who want to setup Openvpn on Pfsense.

                                      1 Reply Last reply Reply Quote 0
                                      • D
                                        dairaen
                                        last edited by

                                        cheers,

                                        new version online, since ppl still seem to have
                                        problems with OpenVPN i added "Site-to-Site" VPN, any volunteers
                                        are welcome to verify the new section.

                                        http://www.uplinksecurity.de/data/pfsense-ovpn.pdf

                                        1 Reply Last reply Reply Quote 0
                                        • D
                                          dairaen
                                          last edited by

                                          sorry, uploaded a wrong version, please download again if you did,
                                          a screenshot and some ip-adresses were wrong.

                                          1 Reply Last reply Reply Quote 0
                                          • S
                                            sullrich
                                            last edited by

                                            Thanks for doing this!  I have posted this to the tutorials section.  Just let me know when to update it.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.