next »

[dairaen]

damn, i already cutted that, how the f*** does it made it in there again!?

Thanks, naturally thats crap. I fixed it.

[SFM]

dairaen

Nice work on the documentation, I wish it would of been around before I set it up (would of made it easier).
This will be very helpfull for users who want to setup Openvpn on Pfsense.

[dairaen]

cheers,

new version online, since ppl still seem to have
problems with OpenVPN i added "Site-to-Site" VPN, any volunteers
are welcome to verify the new section.

http://www.uplinksecurity.de/data/pfsense-ovpn.pdf

[dairaen]

sorry, uploaded a wrong version, please download again if you did,
a screenshot and some ip-adresses were wrong.

[sullrich]

Thanks for doing this!   I have posted this to the tutorials section.  Just let me know when to update it.

[dairaen]

sorry, small update (should be the last for a while)

* removed the snapshot and RC stuff and advised ppl to use 1.0 Release.
* fixed some typos
* fixed some formatting stuff (i will *never* use Word & images again...)

And there is a small typo in your tutorial section, "warrior" is mispelled.

http://www.uplinksecurity.de/data/pfsense-ovpn.pdf

keep on

[Hunter]

dairaen, thanks a million you are the MAN!

Hunter

[sullrich]

Tutorial sync'd on pfSense.com

[dairaen]

cheers,

updated some parts to prevent further problems like:
http://forum.pfsense.org/index.php/topic,2448.0.html

As usual, latest version is found here:
http://www.uplinksecurity.de/data/pfsense-ovpn.pdf

keep on & kind regards
dairaen

[sullrich]

pfSense openvpn tutorial sync'd.

Thanks!

[dairaen]

cheers,

again some updates:

* added a FAQ section at the bottom with solutions to the latest
postings
* added link to "my certificate wizard"

http://www.uplinksecurity.de/data/pfsense-ovpn.pdf

kind regards
dairaen

[hoba]

again some updates:

kind regards
dairaen

Thanks for your work! We really appreciate your help on this! 

[sullrich]

File in the tutorial section has been sync'd.  Thanks!

[micromani]

For first time: sorry for my english 

Second: little problem

I've log in my pfsense by putty (for windows)

Option 8 (Shell)

down penvpn-2.0.9.tar.gz

# tar -xvzf openvpn-2.0.9.tar.gz
# cd openvpn-2.0.9
# cd easy-rsa
# vi vars

[...] After that some scripts need to be executed, if asked for “Common Name” enter
the hostname you used in “General Setup” this time. Here are my keystrokes:
[/tmp/openvpn-2.0.8/easy-rsa]# source ./vars [...]

# source ./vars
export: Command not found.
D: Undefined variable.

Why?

My Vars file:

# NOTE: If you installed from an RPM,
# don't edit this file in place in
# /usr/share/openvpn/easy-rsa --
# instead, you should copy the whole
# easy-rsa directory to another location
# (such as /etc/openvpn) so that your
# edits will not be wiped out by a future
# OpenVPN package upgrade.

# This variable should point to
# the top level of the easy-rsa
# tree.
export D=`/tmp/`

# This variable should point to
# the openssl.cnf file included
# with easy-rsa.
export KEY_CONFIG=$D/openssl.cnf

# Edit this variable to point to
# your soon-to-be-created key
# directory.
#
# WARNING: clean-all will do
# a rm -rf on this directory
# so make sure you define
# it correctly!
export KEY_DIR=$D/keys

# Issue rm -rf warning
echo NOTE: when you run ./clean-all, I will be doing a rm -rf on $KEY_DIR

# Increase this to 2048 if you
# are paranoid.  This will slow
# down TLS negotiation performance
# as well as the one-time DH parms
# generation process.
export KEY_SIZE=1024

# These are the default values for fields
# which will be placed in the certificate.
# Don't leave any of these fields blank.
export KEY_COUNTRY=KG
export KEY_PROVINCE=NA
export KEY_CITY=BISHKEK
export KEY_ORG="OpenVPN-TEST"
export KEY_EMAIL="me@myhost.mydomain"

I must tell too:
# D=5
D=5: Command not found.

while if I make 'D=5' on other shell (like ubuntu o similar) I write a variable.

I'm niubby for linux but I think that the Shell from prompt is'nt usually shell!

Help me!

[GruensFroeschli]

you use a TAP device but have to use a TUN device

if you use the redirect it has to like like this:
push "redirect-gateway def1"
push "dhcp-option DNS x.x.x.x"


you push the custom DNS since the clients loose their route to their local DNS after the redirect is in place.