Need help setting up VPN for my laptop



  • Hey all,

    Just a single VPN user (me) for my home network.

    Running PFsense and trying to get Open VPN working on the PFsense box with my laptop as the remote client.

    However I am struggling!
    I have tried to follow some guides but no sure what certain parts of them mean.

    Also I see no option to "start" the VPN.  I have the certs all on my laptop in the right folder and have created the .ovpn file but no idea how to "run" it?

    Can someone point me to a step by step guide to setting up a road warrior user which they used?

    Thanks



  • I used the OpenVPN Client Export package, works like a charm, just make sure you have a user setup for OpenVPN and set the "Host Name Resolution" to the right external IP/DNS name before you download the Windows Installer.

    (I'm assuming you're using Windows)



  • Right!

    Thanks I have now followed this guide as best I can:
    http://hardforum.com/showthread.php?t=1663797&page=3

    and I have the VPN connected now.

    however I don't understand the VPN…I am connected and have an address but cannot access the LAN.
    The new network adapter which has been created also shows no internet connectivity.

    Any ideas guys.

    here is a screenshot of my config: - I thought I should put a range in which is not in the DHCP scope of my LAN as the tunnel network?




  • hmm just noticed that the new vpn adapter doesn't have a default gateway..could be the reason why?!

    my server (2008r2) currently performs the dhcp and dns for the network at home.

    Does this affect how my clients can VPN in?



  • VPN subnet should be outside :LAN range, so try 192.168.123.0/24 or something.



  • Right I tried it with .100.0/24 and it's still not giving me a default gateway?




  • You don't need a default route into the tunnel. The "Local Network" field on your server settings should cause the client to add a route through the tunnel to that subnet.
    On the pfSense you need to add firewall rules on OpenVPN allowing whatever you want to allow from the client end - e.g. pass source any, destination LAN network - will allow traffic from the client end to anything on the LAN.



  • Thanks I have got this working now :)

    Just wondering - a guide a followed suggested that I use DH 1024 and AES 128

    Could i bump up the DH to 2048 with no issues?



  • As long as you're using an OpenVPN that supports it. Some clients (on phones/tablets?) might not support it.


Log in to reply