Full VPN Setup for pfSense Router - OpenVPN Client

1. Log into your pfSense gateway.
 
2. Navigate to System -> Cert Manager -> CAs.
 
3. If there are any certificates on this page, remove them with the trashcan icon to the right.
 
pfsense vpn openvpn setup 01
 
4. Click on Add in the lower-right to add a new certificate.
 
5. Download CA certificate file from here https://network.glbls.net/openvpnconfig/serverlocation.crt and open it on Wordpad for Windows or TextEdit for Mac, then COPY and PASTE to “Certificate data” field. Enter “CA-OpenVPN” to “Descriptive name”.
 
OpenVPN Pfsense Setup VPN 02
 

6. Click “Save” button.

OpenVPN Pfsense Setup VPN 02
 
7. Navigate to VPN -> OpenVPN -> Clients
 
pfsense openvpn vpn setup 05
 
8. If there are any existing VPNs on this page, remove them with the trashcan icon to the right.
 
9. Click on Add in the lower-right to add a new VPN connection.

Protocol: UDP or TCP (we recommended to use UDP)

Server host or address: Here enter the server you want to connect. You can find our global vpn server network list and their hostnames here : https://getflix.zendesk.com/hc/en-gb/articles/204476204-Full-VPN-Server-Locations-and-Addresses

Server port: 1194 (or 443, 80, 53)

Server hostname resolution: Ensure that "Infinitely resolve server" is checked.

Description: Enter any name you want to describe this vpn connection. You may enter something like "Smart DNS Proxy Netherlands".

User Authentication Settings: Fill the Username and Password fields with your VPN username and password. You can find your vpn username in your account vpn section.

TLS Authentication: Ensure "Enable authentication of TLS packets" is disabled.

Peer Certificate Authority: Select the OpenVPN-CA we setup.

Client Certificate: None (Username and/or Password required)

Encryption Algorithm: BF-CBC (128-bit).

Auth digest algorithm: SHA1 (160-bit).

Compression: Enabled with Adaptive Compression.

Disable IPv6: Ensure "Don't forward IPv6 traffic" is checked.

Custom options: Copy and paste the following into the custom options textbox:
persist-key
persist-tun
remote-cert-tls server
reneg-sec 0
 
pfsense openvpn vpn setup 04
 
openvpn pfsense setup for Smart DNS Proxy VPN network

pfsense openvpn
 smart dns proxy encrypted network pfsense openvpn setup
10. Click Save to save the VPN connection.
 
11. Navigate to Status -> OpenVPN.
 
12. If Status doesn't show as "up", click the circular arrow icon under Actions to restart the service. If it still does not come up, navigate to Diagnostics -> Reboot to restart the device.

13. Ensure that Status shows as "up" before continuing.
 
PFsense OpenVPN Setup for Smart DNS Proxy
 
14. Navigate to Firewall -> NAT -> Outbound.
 
15. Set the Mode under General Logging Options to "Manual Outbound NAT rule generation (AON)", and click Save.
 
16. Under the Mappings section, click the duplicate (dual-page) icon on the right for the first rule shown in the list.
 
17. Set Interface to "OpenVPN" and click Save at the bottom.
 
18. Repeat the last two steps for all remaining rule shown under Mappings, until every rule has a duplicate for OpenVPN.
 
PFsense OpenVPN Setup Instructions
 
19. Click Apply at the top of the page to apply all changes.

20. Finished. At this point, your VPN service should be fully operational! If you find that it's not working at this point, navigate to Diagnostics -> Reboot and restart your router.
 
Have more questions? Submit a request

Comments

Powered by Zendesk