How to get my working dev tap model working in the GUI (2.0 Beta 5)
-
Part of the reason I'm working with pfSense is it's based on FreeBSD and everything done within pfSense I could do with a standard FreeBSD box.
I tried to get the easy-rsa2.0 parts of OpenVPN working via the /root/easyrsa4pfsense method and integrating that with the 2.0 beta 5 web GUI.
The below makes it work from the command line. I'm trying to figure out how to make it work within the web framework OR how I can get it to import on boot/after changes in the webGUI are made.
Added to the pf configuration:
pass in quick on tap0 all flags S/SA keep stateThe End user file user.conf (openvpn user.conf)
client
dev tap
proto tcp
remote 8.8.8.8 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
link-mtu 1544
ca /root/vpn/pfsense/666.crt
cert /root/vpn/pfsense/666.crt
key /root/vpn/pfsense/666.key
ns-cert-type server
verb 4The config on the pfSense box
dev tap
client-to-client
writepid /var/run/openvpn_server1.pid
keepalive 10 60
ping-timer-rem
persist-key
proto tcp
local 8.8.8.8
tls-server
ifconfig-pool-persist ipp.txt
server 172.18.10.0 255.255.255.0
lport 1194
link-mtu 1544
management /var/etc/openvpn/server1.sock unix
push "route 192.168.10.0 255.255.255.0"
ca /root/easyrsa4pfsense/keys/ca.crt
cert /root/easyrsa4pfsense/keys/server.crt
key /root/easyrsa4pfsense/keys/server.key
dh /root/easyrsa4pfsense/keys/dh1024.pemSo how do I get this entered into the GUI or make it stick after reboots or reloads after firewall changes in the GUI?