How to get my working dev tap model working in the GUI (2.0 Beta 5)

  • Part of the reason I'm working with pfSense is it's based on FreeBSD and everything done within pfSense I could do with a standard FreeBSD box.

    I tried to get the easy-rsa2.0 parts of OpenVPN working via the /root/easyrsa4pfsense method and integrating that with the  2.0 beta 5 web GUI.

    The below makes it work from the command line.  I'm trying to figure out how to make it work within the web framework OR how I can get it to import on boot/after changes in the webGUI are made.

    Added to the pf configuration:
    pass in quick on tap0 all flags S/SA keep state

    The End user file user.conf  (openvpn user.conf)

    dev tap
    proto tcp
    remote 1194
    resolv-retry infinite
    user nobody
    group nogroup
    link-mtu 1544
    ca /root/vpn/pfsense/666.crt
    cert /root/vpn/pfsense/666.crt
    key  /root/vpn/pfsense/666.key
    ns-cert-type server
    verb 4

    The config on the pfSense box

    dev tap
    writepid /var/run/
    keepalive 10 60
    proto tcp
    ifconfig-pool-persist ipp.txt
    lport 1194
    link-mtu 1544
    management /var/etc/openvpn/server1.sock unix
    push "route"
    ca /root/easyrsa4pfsense/keys/ca.crt
    cert /root/easyrsa4pfsense/keys/server.crt
    key /root/easyrsa4pfsense/keys/server.key
    dh /root/easyrsa4pfsense/keys/dh1024.pem

    So how do I get this entered into the GUI or make it stick after reboots or reloads after firewall changes in the GUI?

Log in to reply