How to get my working dev tap model working in the GUI (2.0 Beta 5)



  • Part of the reason I'm working with pfSense is it's based on FreeBSD and everything done within pfSense I could do with a standard FreeBSD box.

    I tried to get the easy-rsa2.0 parts of OpenVPN working via the /root/easyrsa4pfsense method and integrating that with the  2.0 beta 5 web GUI.

    The below makes it work from the command line.  I'm trying to figure out how to make it work within the web framework OR how I can get it to import on boot/after changes in the webGUI are made.

    Added to the pf configuration:
    pass in quick on tap0 all flags S/SA keep state

    The End user file user.conf  (openvpn user.conf)

    client
    dev tap
    proto tcp
    remote 8.8.8.8 1194
    resolv-retry infinite
    nobind
    user nobody
    group nogroup
    persist-key
    persist-tun
    link-mtu 1544
    ca /root/vpn/pfsense/666.crt
    cert /root/vpn/pfsense/666.crt
    key  /root/vpn/pfsense/666.key
    ns-cert-type server
    verb 4

    The config on the pfSense box

    dev tap
    client-to-client
    writepid /var/run/openvpn_server1.pid
    keepalive 10 60
    ping-timer-rem
    persist-key
    proto tcp
    local 8.8.8.8
    tls-server
    ifconfig-pool-persist ipp.txt
    server 172.18.10.0 255.255.255.0
    lport 1194
    link-mtu 1544
    management /var/etc/openvpn/server1.sock unix
    push "route 192.168.10.0 255.255.255.0"
    ca /root/easyrsa4pfsense/keys/ca.crt
    cert /root/easyrsa4pfsense/keys/server.crt
    key /root/easyrsa4pfsense/keys/server.key
    dh /root/easyrsa4pfsense/keys/dh1024.pem

    So how do I get this entered into the GUI or make it stick after reboots or reloads after firewall changes in the GUI?


Log in to reply