Initial set-up of OpenVPN

  • Using 2.1.5-RELEASE (amd64)

    So I've been looking for a tutorial in the documentation but couldn't find one.

    I read around there:

    But still couldn't find a step by step guide.

    So Googling around led me to this:

    I followed the steps and it won't work!

    I've tried from the LAN (using pfSense IP in the OVPN file) and from home (using a NO-IP hostname which does point to the right IP).

    For a client, I'm using TUNNELBLICK.

    I used the Client Export Utility to get the file.

    When i attempt to connect, it will ask for my username and password, and then it will go "Waiting for server" forever.

    So could anyone point me to a good tutorial or help me troubleshoot why it will not work?

    One thing that I find suspicious from the tutorial I followed is that it does not talk about the OpenVPN interface…

    Reading around, threads often refer to adding a new interface and selecting OpenVPN, then doing something in the gateway.

    I did not do any of that, as I thought it might be optional and i wanted the simplest way to make this work.


    it's a little outdated but should be fine for a simple roadwarrior setup

  • Somehow, I made it work.

    I'm now connected with a remote computer using TunnelBlick.

    I want to use the OpenVPN connection to be able to mount CIFS (SMB) shares from a server which is on the network managed by pfSense.

    So how can I do that?

  • Hi guys,

    I'd really like help on this if someone will spare the time to help a n00b.

    Below is my server1.conf file

    The network where pfSense (and OpenVPN) is, is configured as followed :

    pfSense is
    Netmask is /16 (

    Server with CIFS (SMB) shares is

    As you can see below:

    push "route"

    is there

    So as I understand it, it should work…

    Is there any config to do on the client side?

    I did use the OpenVPN client export utility, and my client is TunnelBlick.

    Basically I want to :

    1. Be able to connect to CIFS (SMB) shares through the VPN

    2. Access server Web GUI with a browser through the VPN

    dev ovpns1
    dev-type tun
    dev-node /dev/tun1
    writepid /var/run/
    #user nobody
    #group nobody
    script-security 3
    keepalive 10 60
    proto udp
    cipher AES-128-CBC
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    client-connect /usr/local/sbin/
    client-disconnect /usr/local/sbin/
    local XXX
    client-config-dir /var/etc/openvpn-csc
    auth-user-pass-verify /var/etc/openvpn/server1.php via-env
    tls-verify /var/etc/openvpn/server1.tls-verify.php
    lport 1194
    management /var/etc/openvpn/server1.sock unix
    push "route"
    push "dhcp-option DNS"
    push "dhcp-option NTP"
    push "redirect-gateway def1"
    ca /var/etc/openvpn/ 
    cert /var/etc/openvpn/server1.cert 
    key /var/etc/openvpn/server1.key 
    dh /etc/dh-parameters.1024
    tls-auth /var/etc/openvpn/server1.tls-auth 0

    Please note that I didn't configure an INTERFACE in pfSense.

    I don't know if I should, and I don't know how or why deal with interfaces.

    THANKS !

  • You do not need any manual OpenVPN interface for a road-warrior VPN like this. Check:

    1. OpenVPN tunnel network is outside of LAN
    2. Firewall->Rules OpenVPN tab - put rule/s to pass traffic. The easy way to start is put a pass all rule (source any destination any). After it is working you can make the rules tighter.
    3. Server at has its gateway set to the pfSense LAN IP
    4. Server does not have a firewall blocking you when coming from a different subnet to LAN.

    Post OpenVPN server settings, firewall rules… if you are still stuck.

  • Problem #1 is your tunnel network is inside your LAN.

Log in to reply