Dh1024.pem is located where in PFENSE2

  • Hi,

    sorry for may worse english and maybe for the wrong position in the forum. I´m a new user.

    I try to use a pfsense2.0 openvpn and it work fine.

    Now i try to use the same certificates, which where created by pfsense2 on a pfsense1.2.3

    but i need the dh1024.pem file to bring the server on the pfsense1.2.3 up.

    I have searched all directories on the pfsense2.0 a specially the /var/etc/openvpn and as i found out in pfsense1.2.3 that the files is stored in /root.
    There is no dh1024.pem files on my box.

    Can anybody tell me, how to configure pfsense1.2.3 with the files from pfsense2.0

    I have to do this, because we use the pfsense1.2.3 as a load balance and won´t got to pfsense2.0 until there is a final release.


  • Rebel Alliance Developer Netgate

  • Thnks a lot

    But there is another problem coming up with Portforwarding!

    I followed the guide line:

    at point:
    OpenVPN hinter einem bestehenden NAT Router betreiben

    so the first router ist a pfsense2.0-rc1

    i tried to nat port 1195 to the secound router, which is a pfsense1.2.3 as i reported in the message bevor.

    i can´t reach the openvpn server at the pfsense1.2.3 on port 1195.

    all netsettings are correct - no mis match in networks.

    the pfsense1.2.3 is set up as a load balancer. so i have to other routers in front of this box.
    when i connect to the pfsense1.2.3 from the other router in front, everything is working fine. So in my eyes the firewall rules, which i set on the pfsense1.2.3 are correct. both (for accepting incoming trafic on port 1195) rules are identical, without source adress :-)

    can anybody tell me how to set up nat on the pfsense2.0-rc1 that there is a correct forwarding of all WAN-connections on port 1195 to the openvpn-server on the pfsense1.2.3???

    here is my nat-conf a the moment - see attached picture nat.jpg ist the ip-adress of the pfsense1.2.3 interface

  • Rebel Alliance Developer Netgate

    Please start a new thread for a new issue, so it's easier for others to find and contribute.

Log in to reply