Configure OpenVPN HA pfSense cluster

In this lab I will create an OpenVPN SSL peer-to-peer connection.

Generating CA Certificate

At System > Cert. Manager > CAs > Add.

Generate Server Certificate

At System > Cert. Manager > Certificates > Add.

Generate User Certificate

For this demo I will create one certificate for all users, but in a live environment you should create a separate certificate for each user.

At System > Cert. Manager > Certificates > Add.

At System > User Manager > Users, add the user certificate to the users.

Install the OpenVPN client export package

Go to System > Package Manager > Available Packages and install the openvpn-client-export plugin.

Configure the OpenVPN service

Go to VPN > OpenVPN > Wizards.

Edit the Advanced Configuration.

Configure NAT rules for HA

Go to Firewall > NAT > Outbound and clone the LAN rules.

Enable connections from OpenVPN to master and slave

By default there is no route to the slave node. Go to Firewall > Aliases > Add and create an alias for the CARP members.

Then go back to Firewall > NAT > Outbound and create a new rule.