4. OpenVpn on PF 2 B4 remote access for users

OpenVpn on PF 2 B4 remote access for users

  • T

    Hello All,

    I am setting OpenVpn for our branch users we are using Pfsense 2 B4 18 Nov release.

    There are few settings i didn't understand well, first one on the servers settings mod of auth and listen Port UDP or TCP as showing in first screen shoot.
    Second setting what should i export for user and how do i create the config file for user.

    Please advice

    Thanks




    0
  • Rebel Alliance Developer Netgate

    UDP is best unless you have no choice.

    Auth mode is up to you, if you plan on making the users in the GUI and giving them certificates, then what you have (SSL/TLS + User Auth) is best.

    Go to System > Packages and install the OpenVPN Client Export package, then you can go to VPN > OpenVPN, and you'll have a Client Export tab, from there you can download a config file, or even an executable installer that preloads the certificates into the OpenVPN client software.

    0
  • T

    @jimp:

    UDP is best unless you have no choice.

    Auth mode is up to you, if you plan on making the users in the GUI and giving them certificates, then what you have (SSL/TLS + User Auth) is best.

    Go to System > Packages and install the OpenVPN Client Export package, then you can go to VPN > OpenVPN, and you'll have a Client Export tab, from there you can download a config file, or even an executable installer that preloads the certificates into the OpenVPN client software.

    Thank you works great :D ,
    Now only one last issue i cant connect local LAN's from remote host ,did i forget  settings i see that firewall rule were created access with no restriction maybe there routing missing somewhere?

    Thanks again

    0
  • Rebel Alliance Developer Netgate

    If you have more than one subnet, you need to push more routes to the clients using the custom options box. There are multiple threads and documents about that here on the forum and on the doc wiki. If you are unable to resolve the situation, please start a new thread with an appropriate subject so that it will draw more attention.

    0
  • T

    @jimp:

    If you have more than one subnet, you need to push more routes to the clients using the custom options box. There are multiple threads and documents about that here on the forum and on the doc wiki. If you are unable to resolve the situation, please start a new thread with an appropriate subject so that it will draw more attention.

    Again thank you
    I added route under```
    Advanced configuration >push "route 192.115.37.0 255.255.255.0";

    work like a charm
    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy