Overplay OpenVPN on pfSense 2.0 beta - all traffic - how to



  • Wanted to create a pfSense box that connects directly to my ADSL modem and automatically connects to Overplay, and routes all traffic from my LAN to Overplay, using pfSense 2.0 beta.
    (I have pfSense 2.0 beta up and running, connected directly to ADSL modem and provided home network Internet access)

    I found this tutorial for how to do it using StrongVPN, but it uses 4 files made available by StrongVPN (ca.crt, ovpn059.crt, ovpn059.key and ta.key). The …059 varies with server
    http://forum.pfsense.org/index.php?topic=29944.0

    From Overplay, I only get two files (overplaycert.crt and overplay - US-West-1.ovpn)
    Of course, I have username and PW

    I have little or no working knowledge of pfSense, but wanted to use what looked like a detailed guide to get me up and running with Overplay OVPN on pfSense. The advantage of this tutorial is that it shows me how to create interfaces, firewall entries etc - issues I could not do on my own. Apart from pfSense, I am Windows-based

    How can I generate the missing certificates/keys?

    Or is there some other way to do this with a Guide or FAQ - link?
    The reason I need to do this is that Overplay is far faster than StrongVPN from my location
    If this can be done by setting up a PPTP connection instead of Open, any links or guides?

    Any help appreciated
    Jeff


  • Rebel Alliance Developer Netgate

    You don't generate the keys, the provider should have given them to you. What does the line in the .ovpn file look like that references the .crt file?



  • Same problem with VyprVPN, only two files : ca.vyprvpn.com.crt and us1.vpn.giganews.com.ovpn

    In red the line that references the .crt file

    client
    dev tun
    proto udp
    remote us1.vpn.giganews.com 1194
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    persist-remote-ip
    ca ca.vyprvpn.com.crt
    tls-remote us1.vpn.giganews.com
    auth-user-pass
    comp-lzo
    verb 3



  • The usual implementation of OpenVPN does not use usernames and passwords…it relies on a PKI certificate exchange to authenticate both ends of the link.  But there are other options.

    In your case, the line

    auth-user-pass
    

    in the config file indicates that client authentication is via username & password rather than PKI certificate exchange (actually, it can be used in addition to PKI, but then you would have the key and cert files in addition to the ca…crt file.)

    So the other two files are not needed.
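
Added example (not part of the original posts, and not code from pfSense, OpenVPN or either provider): the following Python reads a provider's .ovpn file and reports whether the client authenticates by certificate, by username/password, or both, and which external files the config expects. The function names are hypothetical, and the directive lines in `PKI_CONFIG` are constructed around the four StrongVPN file names mentioned in the first post.

```python
import shlex

FILE_DIRECTIVES = {"ca", "cert", "key", "pkcs12", "tls-auth"}

# The VyprVPN client config quoted in this thread (abridged).
VYPR_CONFIG = """\
client
remote us1.vpn.giganews.com 1194
ca ca.vyprvpn.com.crt
tls-remote us1.vpn.giganews.com
auth-user-pass
"""

# Constructed sample: the four StrongVPN file names from the first post;
# the directive lines themselves are an assumption, not a real provider file.
PKI_CONFIG = """\
client
ca ca.crt
cert ovpn059.crt
key ovpn059.key
tls-auth ta.key 1  # static key file, direction 1
"""

def parse_ovpn(text):
    """Map each directive to its argument list; inline <tag> blocks map to []."""
    found, inline = {}, None
    for line in map(str.strip, text.splitlines()):
        if inline:                          # skip the body of <tag>...</tag>
            inline = None if line == f"</{inline}>" else inline
        elif line.startswith("<") and line.endswith(">"):
            inline = line[1:-1]
            found[inline] = []
        elif line and line[0] not in "#;":  # ignore blanks and comments
            parts = shlex.split(line, comments=True)
            found[parts[0]] = parts[1:]
    return found

def client_auth_summary(text):
    """Report how the client authenticates and which external files it needs."""
    d = parse_ovpn(text)
    has_cert = "pkcs12" in d or ("cert" in d and "key" in d)
    has_pass = "auth-user-pass" in d
    mode = {(True, True): "certificate + username/password",
            (True, False): "certificate only",
            (False, True): "username/password only",
            (False, False): "none configured"}[has_cert, has_pass]
    files = {k: v[0] for k, v in d.items() if k in FILE_DIRECTIVES and v}
    return {"client_auth": mode, "files_needed": files}
```

Calling `client_auth_summary(VYPR_CONFIG)` shows that only the CA certificate has to be imported, while the PKI sample lists all four files.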



  • Thanks, now everything works :)



  • Could you let me know what exactly you did to get vyprvpn working? Maybe a screenshot of the entire openvpn client settings page or something like that?

