Configure OpenVPN in pfSense router OS

pfSense is a router OS well known for its simplicity and its wide range of options for controlling your network.

OpenVPN, on the other hand, is the most popular VPN solution.

In this tutorial I will show you how to configure OpenVPN in pfSense router OS so that remote client users can reach the network behind the firewall.

Test Environment

 pfSense 2.3 (updated to latest patches)
 WAN : 192.168.1.1
 LAN : 172.16.1.1
 OpenVPN client 2.3
 Client machine : Windows 7 x64

1. Prepare System

First, update pfSense and install the necessary plugin.

pfSense > System > Package Manager > Available Packages

Install the following plugin: ‘openvpn-client-export’

In this configuration setup I will use certificate + password authentication.

Create a CA, which will be used for all the certificates.

pfSense > System > Certificate Management > CAs

2. Configure Server

Now configure the OpenVPN server.

pfSense > VPN > OpenVPN > Add Server

You will get a lot of options; here is a typical configuration:

TLS Authentication : Enable
Enable authentication of TLS packets : 
     Automatically generate a shared TLS authentication key.
     Peer Certificate Authority : Use The same CA
     Server certificate : Server Certificate
DH Parameter length (bits) : 1024
Encryption Algorithm : AES-128-CBC
Auth digest algorithm : SHA1 (160-bit)
Hardware Crypto : No hardware crypto algorithm
Certificate Depth : One (Server+Client)
Strict User-CN Matching : Yes
IPv4 Tunnel Network : 10.0.8.0/24
IPv6 Tunnel Network : ** Leave Blank **
Redirect Gateway : Yes
IPv4 Local network(s) : Router's LAN network
Concurrent connections : ** as per your requirement **
Compression : Enable with adaptive compression
Type-of-Service : ** Leave blank **
Inter-client communication : Enable as per your requirement
Dynamic IP : ** as per your requirement **
Address Pool : Enable
Topology : Subnet - One IP address per client in a common subnet
DNS Default Domain : ** as per your requirement **
DNS Server enable : ** as per your requirement **
Force DNS cache update : ** as per your requirement **
NTP Server enable : ** as per your requirement **
NetBIOS enable : ** as per your requirement **
Enable custom port : ** as per your requirement **
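
As an added example (not part of the original tutorial or of pfSense), the Python script below audits OpenVPN directives equivalent to the server settings listed above and flags the 1024-bit DH parameters, the SHA1 digest and adaptive compression. The sample configs and file names are constructed, and the DH size is read from the file name as a heuristic.

```python
import re
# Constructed sample: directives matching the settings above; file names are placeholders.
TUTORIAL_CONF = """\
cipher AES-128-CBC
auth SHA1
dh dh-parameters.1024
tls-auth server.tls-auth 0
comp-lzo adaptive
"""
# Same tunnel with the flagged directives tightened (also constructed).
HARDENED_CONF = (TUTORIAL_CONF.replace("auth SHA1", "auth SHA256")
                 .replace("dh-parameters.1024", "dh-parameters.2048")
                 .replace("comp-lzo adaptive\n", ""))
SMALL_BLOCK = ("BF-", "DES-", "CAST5-", "RC2-")  # 64-bit block ciphers (SWEET32)

def parse_directives(text):
    """Map directive -> args; skips comments, blanks and inline <tag> bodies."""
    conf, inline = {}, None
    for line in map(str.strip, text.splitlines()):
        tag = re.fullmatch(r"<(/?)([\w-]+)>", line)
        if tag:
            inline = None if tag.group(1) else tag.group(2)
        elif line and line[0] not in "#;" and inline is None:
            name, *args = line.split()
            conf[name] = args
    return conf

def audit(text):
    """Return findings for directives weaker than current guidance."""
    conf, findings = parse_directives(text), []
    digest = (conf.get("auth") or ["SHA1"])[0].upper()      # OpenVPN default
    if digest in ("MD5", "SHA1"):
        findings.append(f"auth {digest}: legacy digest, use SHA256 or stronger")
    cipher = (conf.get("cipher") or ["BF-CBC"])[0].upper()  # OpenVPN 2.3 default
    if cipher.startswith(SMALL_BLOCK):
        findings.append(f"cipher {cipher}: 64-bit block cipher, use AES")
    bits = re.search(r"\d{3,5}", " ".join(conf.get("dh", [])))
    if bits and int(bits.group()) < 2048:  # heuristic: size read from file name
        findings.append(f"dh {bits.group()} bits: use 2048 or more")
    comp = conf.get("comp-lzo")            # bare 'comp-lzo' means adaptive
    if comp is not None and comp[:1] != ["no"]:
        findings.append("comp-lzo on: compressed sizes can leak plaintext")
    if "tls-auth" not in conf and "tls-crypt" not in conf:
        findings.append("no tls-auth/tls-crypt on the control channel")
    return findings

if __name__ == "__main__":
    for name, conf in (("tutorial", TUTORIAL_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(conf) or "no findings")
```

The certificate key length chosen when creating the user is not visible in these directives and needs a separate check of the issued certificate.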

3. Configure Client

Now it's time to create the client.

pfSense > User Management > Add user

When creating the user, create a certificate with the same CA.

Here are the options to fill in while creating the user:

Username : Specify Username
Password : Specify Password
Expiration Date : Specify Expiration date
Group Membership : Typically it's admin; you can manage a separate group
Certificate
Descriptive name
     Certificate authority : Use same CA
     Key length : 1024
     Lifetime : Specify time

4. Prepare remote client

Finally export the configuration.

pfSense > VPN > OpenVPN > Export

You will see the user listed; download the configuration to your desktop and distribute it to your VPN user.

Download the OpenVPN client and install it on your desktop.

Copy the configuration to the OpenVPN client's ‘config’ directory.

That’s all. Now start the OpenVPN client and connect.

Kindly share your feedback about this tutorial on configuring OpenVPN in pfSense router OS.
