I've been trying to move my mother's firewall (itpables)/OpenVPN install to pfSense and am having issues finding documentation on proper setup.
The current way I have it configured is a point-to-point VPN using TUN, my home OpenVPN instance is the server. What I've currently done in pfSense: I've gone into Cert Manager (CA) and imported my VPN's CA cert (Labeled master-ca.crt) I've gone into Cert Manager (Certificates) and imported my mother's Certificate Data (Labled as mother.server.crt) and Private Key Data (Labeled as mother.server.key) This is the part where I'm getting stuck. If I select client, the output of /var/etc/client1.conf is no where near the below original openvpn config. If I select server, it's expecting to be the vpn host. Can somebody point me to documentation that fits my situation? Original config below: dev tun0 # 192.168.4.1 is our local VPN endpoint (mother). # 192.168.145.14 is our remote VPN endpoint (home). ifconfig 192.168.4.1 192.168.145.14 # Our up script will establish routes # once the VPN is alive. script-security 2 up ./routes.up ## Doug's Server remote my.server.ip.address # Our pre-shared static key tls-auth certs/static.key 1 ## Server or Client tls-client ## Public Certificate Authority ca certs/master-ca.crt ## VPN Server's Public Certificate cert certs/mother.server.crt ## VPN Server's Private Key key certs/private/mother.server.key # OpenVPN uses UDP port 1194 by default. # Each OpenVPN tunnel must use # a different port number. # lport or rport can be used # to denote different ports # for local and remote. port the.port.i.use # Downgrade UID and GID to # "nobody" after initialization # for extra security. chroot /etc/openvpn user nobody group nogroup # If you built OpenVPN with # LZO compression, uncomment # out the following line. comp-lzo ## Restart control ping 10 ping-restart 45 ping-timer-rem persist-tun persist-key # Verbosity level. # 0 -- quiet except for fatal errors. # 1 -- mostly quiet. # 5 -- medium output, good for normal operation. # 8 -- verbose, good for troubleshooting verb 4 log-append logs/openvpn.log Thanks for looking, Doug -- Ben Franklin quote: "Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety." _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
