Configure OpenVPN HA pfSense cluster

In this lab I'll be creating an OpenVPN SSL peer-to-peer connection.

Generating CA Certificate

At System > Cert. Manager > CAs > Add

Generate Server Certificate

At System > Cert. Manager > Certificates > Add

Generate User Certificate

For this demo I will create one certificate for all users, but in a live environment you should create a separate certificate for each user.

At System > Cert. Manager > Certificates > Add

At System > User Manager > Users, add the user certificate to the users.

Install the OpenVPN client export package

Go to System > Package Manager > Available Packages and install the openvpn-client-export plugin.

Configure the OpenVPN service

Go to VPN > OpenVPN > Wizards

Edit the Advanced Configuration.

Configure NAT rules for HA

Go to Firewall > NAT > Outbound and clone the LAN rules.

Enable connection from OpenVPN to master and slave

By default there is no route to the slave node. Go to Firewall > Aliases > Add and create an alias for the CARP members.

Then go back to Firewall > NAT > Outbound and create a new rule.

About Blaiserman
I love to tackle new technologies, and because of that, I started to use Docker before it became the thing. Currently, I'm working as a DevOps Engineer.