How To Setup OpenVPN On pfSense

How Can A Smurf Attack Hurt A Company?

How To Setup OpenVPN On pfSense

OpenVPN is a user-space virtual private network (VPN) daemon. To connect to an OpenVPN server, a client needs only the OpenVPN command-line program and config file.

OpenVPN uses SSL/TLS security for encryption of both the data and control channels. It is designed to work with the TCP/IP protocol. It shares IP addresses among clients rather than using hardware addresses, so it’s relatively simple to set up compared to other VPNs, requiring complex configuration settings on both ends of the connection.

OpenVPN provides a security layer over UDP or TCP using virtual tunnels secured using strong encryption codes. This is good for both web browsing, SCP uploading/downloading, and other network services. You can find this program in the VPN section of pfSense as a VPN wizard.

How To Set Up An OpenVPN On pfSense?

  1. Login to your pfSense router through the web interface.
  2. Go to “System.”
  3. In the right-side pane, go to “General Setup.”
  4. Scroll down and check the box labeled: “Enable OpenVPN Server,” and hit Save.
  5. Go to “Services.”
  6. Scroll down and find: “OpenVPN” and click to enable it.
  7. In the center-right pane under the tab: “Server Configs,” select the tab: “OpenVPN.” 
  8. Fill in the blanks with your information, including at least one valid address.
  9. Scroll down and click Save.
  10. Close your browser window.
  11. Go to “System.”
  12. In the right-side pane, go to “Cert. Manager”.
  13. Under Certificates (Local Database), select all certificates and hit the Delete key.
  14. Hit Save.
  15. Create a new Certificate (see step i-j), and save it.
  16. You will now be prompted for your username and password to log in to the VPN.
  17. OpenVPN is now set up on pfSense. The last thing you need to do is make sure your computer or device is set up to connect with OpenVPN.

What Is OpenVPN, And How Does It Work?

OpenVPN is a Virtual Private Network or VPN for short. It is an open-source application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. OpenVPN uses a custom security protocol that utilizes TLS/SSL for key exchange. It is capable of traversing network address translators.

A VPN allows you to create a secure connection over a public network from your home, place of business, or on the go. There is an endless number of applications for using a VPN, but today we’ll focus on using the OpenVPN protocol on pfSense to connect securely back to your home or office network.

Why Should I Use OpenVPN?

You’ve heard about people getting hacked, having their identity stolen, and other negative consequences of not correctly securing your computer, but you don’t want to pay for a VPN service because you’re already paying for the internet, right? 

OpenVPN is a free, open-source application that allows you to securely connect back to your home or office network over the internet. A VPN allows you to connect securely back to your home or office network over the internet. You can also run it on a server and access your home network from another location, such as public WiFi at the local coffee shop.

How To Setup A Client For The VPN On Windows?

  1. Download and install the OpenVPN client from here:
  2. Open up the client.
  3. When prompted, enter your pfSense username and password.
  4. Use any server you’d like.
  5. Ensure UDP is selected as your protocol.
  6. Hit connect.

How To Setup A Client For The VPN On Mac OSX?

  1. Download and install Tunnelblick from here:
  2. Open up Tunnelblick.
  3. When prompted, enter your pfSense username and password.
  4. Use any server you’d like.
  5. Ensure UDP is selected as your protocol.
  6. Hit connect.

Troubleshooting Tips 

  1. If you receive a message about certificates being untrusted, follow these steps:
  2. If your internet connection drops after a few minutes of using OpenVPN, check the pfSense logs for any VPN-related issues under Status > System Logs.
  3. If your pfSense machine is behind a router, you will need to forward port 1194 (TCP and UDP) to the internal IP address of your pfSense server. To do this in pfSense, go to “Firewall,” then “NAT,” then click on “Port Forwarding.” In the center pane, add a new rule allowing TCP and UDP traffic on port 1194 to your internal IP address. Be sure to save that rule.
  4. If you’re having issues with OpenVPN keep-alive connections:
  5. You can read about all of the available configuration options here:
  6. If you’re having issues with your VPN connection disconnecting, see the FAQs from the Tunnelblick website on changing connection parameters or use a different cipher:
  7. You can check for updates to the OpenVPN client and the pfSense OpenVPN module by going to System > Packages and looking under Available Packages.
  8. If you have a DD-WRT router, you can use this tutorial from FlashRouters to configure OpenVPN on your router. You can then use your router to connect to your home network or office network. Once you’ve created the connection on the DD-WRT router, connect to it like any other VPN connection (instructions above)
  9. If you’d like more information about OpenVPN, visit their website here:
  10. If you’d like more information about the OpenVPN client, visit the website here:
  11. If you have any other questions, feel free to comment with your issue, and I’ll do my best to help!


OpenVPN is a virtual private network (VPN) that can connect securely over the internet. VPNs are commonly used by companies and organizations such as schools, businesses, or hospitals that want to protect their data from cyberattacks or surveillance when they’re connecting to the public internet. OpenVPN works on many different operating systems, including Windows 10 and Mac OS X. 

It also has mobile apps for Android and iOS devices if you need access while away from home or work. You may use it just to bypass geographic restrictions: if you live outside of the US but want to watch Netflix content, your best bet would be to sign up with one of our top-rated VPN providers first before attempting this method.

Recent Posts