Configure OpenVPN HA pfsense cluster

April 11, 2019

Page content

In this LAB I will be creating OpenVPN SSL Peer to Peer connection.

Generating CA Certificate

At System > Cert.Manager > CAs > Add Example image

Example image

Generate Server Certificate

At System > Cert.Manager > Certificates > Add Example image

Generate User Certificate

For this demo I will’create one certificate for all users, but in live you should create a separate certificate for all users.

At System > Cert.Manager > Certificates > Add Example image

At SystemUser > ManagerUsers add the User certificate for the users. Example image

Intall Openvpn package exporter

Got to System > Package Manager > Available Packages and install openvpn-client-export plugin.

Configurate the OpeVPN service

Got to VPN > OpenVPN > Wizards Example image

Example image

Example image

Example image

Edit the Adwanced Configuration: Example image

Example image

Example image

Configurate NAT Rules to HA

Go to Firewall > NAT > Outbound and clone the LAN Rules? Example image

Example image

Example image

Example image

Enable Connection from OpenVPN to master and slave

In default there in no rout to the salve nod. Go to Firewll > Aliases > Add and create alias for CARP members: Example image

Then go back to Firewall > NAT > Outbound and create a new rule: Example image

Your support is our everlasting motivation,
that cup of coffee is what keeps us going!

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online.

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee.

I love to tackle new technologies, and because of that, I started to use Docker before It became the thing. Currently, I’m working as a DevOps Engineer.