This tutorial explains how you can easily setup a VPN on pfSense in a string of simple steps.
What You Will Need Before Configuring VPN on pfSense
Before establishing a new VPN connection on pfSense, first you will need to get things ready:
1- You will need a working internet connection.
2- You will also need a pfSense supported device.
3- You will also need to make sure that your premium VPN subscription is active (e.g: bVPN).
Steps to Configure VPN on pfSense Manually
1- Go to the drop down menus from your pfSense interface, and then go to “Settings”.
2- From “Settings”, go to “Cert Manager”.
3- In order to create a new certificate authority, click on the “+” button.
4- Make sure that “Import an existing certificate authority” is checked.
5- Type in a name for your new CA.
6- Now, go to the directory which contains the files, and then open the file entitled “ca.crt” in the notepad.
7- Copy and paste the contents exactly as they are into the first box.
8- Click on “Save”.
9- Leave the second box blank.
10- Click on the “+” sign.
11- Make sure that the “Import an existing certificate” is checked.
12- Type in a name for your VPN connection in the “Descriptive Name” field.
13- Go to the directory that contains the files, and then open a file entitles “ovpn059.crt”.
14- Now open the notepad, copy and paste the contents of the file exactly as they are in the first box.
15- In the second box, open “ovpn059.key” file, copy and paste the contents exactly as they are in it.
16- Now, go to the system drop down menus, and then select “VPN”.
17- Next, select “OpenVPN”.
18- Click on the “Client” tab.
19- Go to the “Cryptographic Settings” section , and then copy and paste the contents of the “ta.key” file into the “TLS Authentication” field.
20- Click on “Save”.
21- Return to the system drop down menus, and then select “Assign”.
22- Next, click on the “+” sign. You will be notified that a new interface has been successfully added.
23- Return to the system drop down menus, and then enable the interface.
24- In the description field, type in a name for your VPN connection (e.g: bVPN).
25- Next, in the “Type” field, select “None”.
26- Leave the rest of the fields blank.
27- Click on “Save”.
28- Return one more time to the system drop down menus, and then select “Routing”.
29- Click on the “+” sign, and then do the following:
30- Insert a name for the “Gateway”.
31- Select “Dynamic” for the “Gateway”.
32- In the “Monitor IP” field, enter “208.67.222.222”.
33- Leave the “Advanced” field blank.
34- Type in a description in the “Description” field.
35- Click on “Save”.
36- Go back to the system drop down menus firewall, and then go to “Rules”.
37- Click on the “LAN” tab.
38- Create a new rule as follows:
39- For “Action”—> PASS.
40- In the “Interface” field, choose “LAN”.
41- In the “Source” field, choose “LAN Subnet”.
42- In the “Protocol” field, choose “ANY”.
43- In the “Description” field—> “LAN to Internet force through VPN”.
44- Finally, click on “Save”.
At this moment you have successfully secured your pfSense with a VPN connection
