Little help needed understanding the "VPN Capability OpenVPN" wiki page
leimrod last edited by
OK, I'm trying to set up a VPN with a remote PC through pfSense using OpenVPN.
The first part of the guide, generating the certs, I understand, and have completed successfully. I've generated the server and client certs.
On the Windows machine that I will be connecting, I'm using the OpenVPN GUI for Windows, and have set up the config file as per the guide and put the certs into the config folder.
I've also set up OpenVPN in pfSense, but here is where my questions are. I have pfSense set up as a load balancer for 2 Static IP DSL lines.
For example, these lines have these IPs:
First question: how do I tell pfSense which line to use for the VPN?
Also on the "OpenVPN config page" what do I put in for "Local Network"? Is it the gateway 192.168.1.1/24, or this 192.168.1.0/24 or something else?
When should I be using "custom options"?
Also could someone tell me what I need to set to apply this rule, what IP address am I pointing it at?
2. Go to the firewall rules for the WAN interface, and open up the TCP (or UDP) port you defined for your OpenVPN instance.
Lastly, in the config file settings, what should I be using instead of "n.n.n.n"? Also, where do I need to set the hostname, and what should the hostname be?
remote n.n.n.n 443
All help is greatly appreciated.
Cry Havok last edited by
AFAIK OpenVPN listens on all interfaces, it's "just" a matter of routing ;)
You add something to "Local Network" if you want OpenVPN to push a route to it to the client (in your case it would be 192.168.1.0/24). If you simply want to have all traffic pushed through the VPN, leave it blank and add the following to the "Custom Options":
The rule - the external IP address(es) of the pfSense host you want OpenVPN to be visible on.
On the last point, replace n.n.n.n with the external (213.94.182.) address and ensure the device(s) that has/have those IPs forward the relevant ports to the pfSense host (if the pfSense host doesn't have them).