{"id":447,"date":"2020-12-27T16:11:16","date_gmt":"2020-12-27T10:41:16","guid":{"rendered":"http:\/\/192.168.0.6\/linuxbots\/?p=447"},"modified":"2020-12-28T19:00:56","modified_gmt":"2020-12-28T13:30:56","slug":"openvpn-pfsense-2-4-setup-in-simple-steps","status":"publish","type":"post","link":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/","title":{"rendered":"OpenVPN pfSense 2.4 Setup in simple steps"},"content":{"rendered":"\n<p>OpenVPN is an open-source solution for implementing Virtual Private Network to create point-to-point or site-to-site connections. In this article, we will learn how to configure OpenVPN in the pfSense firewall. PfSense is an open-source firewall\/router based on FreeBSD currently supported by <a rel=\"noreferrer noopener\" aria-label=\"Netgate (opens in a new tab)\" href=\"https:\/\/www.pfsense.org\/about-pfsense\/#legal\" target=\"_blank\">Netgate<\/a>.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Also Read: <a href=\"https:\/\/oracle.itsupportwale.com\/blog\/install-openlitespeed-on-ubuntu-16\/\" target=\"_blank\" rel=\"noreferrer noopener\" label=\"Install OpenLiteSpeed Web Server on Ubuntu (opens in a new tab)\">Install OpenLiteSpeed Web Server on Ubuntu<\/a><\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"512\" src=\"https:\/\/oracle.itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario-1024x512.jpg\" alt=\"openvpn-pfsense-scenario\" class=\"wp-image-3405\" srcset=\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario-1024x512.jpg 1024w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario-300x150.jpg 300w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario-768x384.jpg 768w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario.jpg 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_80 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-69d7dde77ee5c\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-69d7dde77ee5c\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#Prerequisite\" >Prerequisite:<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#Understanding_the_Scenario\" >Understanding the Scenario<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#Configuring_OpenVPN_Server_in_pfSense_at_Site_A\" >Configuring OpenVPN Server in pfSense at Site A<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#After_that_add_a_firewall_rule_on_the_WAN_interface_to_allow_access_to_the_OpenVPN_server\" >After that, add a firewall rule on the WAN interface to allow access to the OpenVPN server.<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#Add_a_firewall_rule_to_OpenVPN_interface_at_Site_A\" >Add a firewall rule to OpenVPN interface at Site A<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#Configuring_OpenVPN_Client_in_pfSense_at_Site_B\" >Configuring OpenVPN Client in pfSense at Site B<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#Add_a_firewall_rule_to_OpenVPN_interface_at_Site_B\" >Add a firewall rule to OpenVPN interface at Site B<\/a><\/li><\/ul><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#Summary\" >Summary:<\/a><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Prerequisite\"><\/span>Prerequisite:<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>We have required at least two pfSense firewalls in the working state to configure OpenVPN in the pfSense firewall. <em>Follow this article to <a aria-label=\"install and initialize the pfSense firewall (opens in a new tab)\" rel=\"noreferrer noopener\" href=\"https:\/\/secureallserver.blogspot.com\/2017\/07\/pfsense-installation.html\" target=\"_blank\">install and initialize the pfSense firewall<\/a> if you do not have it yet.<\/em><\/p>\n\n\n\n<p>In our current scenario, we have two different sites at different geological locations. Site A and Site B both having pfSense instances as their main Router and Firewall. Here we want to configure a secure OpenVPN tunnel so that the clients from Site A  can communicate with the clients of Site B directly.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"763\" height=\"293\" src=\"https:\/\/oracle.itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-site-to-site.png\" alt=\"openvpn-pfsense-site-to-site\" class=\"wp-image-3402\" srcset=\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-site-to-site.png 763w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-site-to-site-300x115.png 300w\" sizes=\"auto, (max-width: 763px) 100vw, 763px\" \/><figcaption>OpenVPN Site-to-Site Scenario<\/figcaption><\/figure><\/div>\n\n\n\n<p>OpenVPN can configure in two ways, by using a shared key or using SSL\/TLS. In this article, we use the Shared Key method to configure it.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Understanding_the_Scenario\"><\/span>Understanding the Scenario<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>In a site-to-site OpenVPN connection, one firewall will be work as the server and the other will be work as the client. Usually, we configure the main location as a server and the remote locations as clients, while it will work the same if we do the opposite. A dedicated subnet used for the OpenVPN tunnel between networks apart from existing subnets at both ends, similarly as remote access OpenVPN configuration. The above OpenVPN Site-to-Site Scenario use in this example configuration.<\/p>\n\n\n\n<p>In this example, 10.3.100.0\/30 is our Tunnel Network. Because an IP address of this subnet is used by each end of the OpenVPN tunnel. As shown in the above diagram. Finally, the next sections describe how to configure OpenVPN Server and Client in the pfSense firewall.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Configuring_OpenVPN_Server_in_pfSense_at_Site_A\"><\/span>Configuring OpenVPN Server in pfSense at Site A<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>After login  goto&nbsp;<strong>VPN &gt; OpenVPN<\/strong> &gt; <strong>Server<\/strong>&nbsp;tab<\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"710\" height=\"171\" src=\"https:\/\/oracle.itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/navigate-to-openvpn-servers-tab.jpg\" alt=\"navigate-to-openvpn-servers-tab\" class=\"wp-image-3407\" srcset=\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/navigate-to-openvpn-servers-tab.jpg 710w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/navigate-to-openvpn-servers-tab-300x72.jpg 300w\" sizes=\"auto, (max-width: 710px) 100vw, 710px\" \/><\/figure><\/div>\n\n\n\n<ul class=\"wp-block-list\"><li>Click on <span class=\"dashicons dashicons-plus\"><\/span> <strong>Add<\/strong> button&nbsp;to create a new VPN server<\/li><li>Fill the below fields with described options and leave other fields as defaults.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"678\" height=\"339\" src=\"https:\/\/oracle.itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/pfsense-openvpn-server-fields.jpg\" alt=\"pfsense-openvpn-server-fields\" class=\"wp-image-3409\" srcset=\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/pfsense-openvpn-server-fields.jpg 678w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/pfsense-openvpn-server-fields-300x150.jpg 300w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/pfsense-openvpn-server-fields-675x339.jpg 675w\" sizes=\"auto, (max-width: 678px) 100vw, 678px\" \/><figcaption>Example: required field values<\/figcaption><\/figure>\n\n\n\n<ol class=\"wp-block-list\"><li><strong>Server Mode<\/strong> &#8211; Select Peer to Peer (Shared Key) option from the dropdown menu<\/li><li><strong>Description<\/strong> &#8211; Enter Description for the connection(e.g. VPN Server for Site B)<\/li><li><strong>Shared key<\/strong> &#8211; Check on <strong>Automatically generate a shared key<\/strong> option<\/li><li><strong>Encryption Algorithm<\/strong> &#8211; Select <strong>AES-128-CBC  (128-bit key, 128-bit block)<\/strong> option from the dropdown menu<\/li><li><strong>Tunnel Network<\/strong> &#8211; Enter <strong>10.3.100.0\/30<\/strong> as our tunnel network<\/li><li><strong>Remote network<\/strong> &#8211; Enter the LAN address of Site B, <strong>10.5.0.0\/24<\/strong><\/li><\/ol>\n\n\n\n<ul class=\"wp-block-list\"><li>Now Click on&nbsp;<strong>Save<\/strong> button<\/li><li>After that, click on <span class=\"dashicons dashicons-edit\"><\/span>&nbsp;to edit the server that in the last step<\/li><li>Look for the&nbsp;<strong>Shared Key<\/strong>&nbsp;option<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"442\" height=\"438\" src=\"https:\/\/oracle.itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-shared-key-example.jpg\" alt=\"openvpn-shared-key-example\" class=\"wp-image-3410\" srcset=\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-shared-key-example.jpg 442w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-shared-key-example-300x297.jpg 300w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-shared-key-example-150x150.jpg 150w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-shared-key-example-100x100.jpg 100w\" sizes=\"auto, (max-width: 442px) 100vw, 442px\" \/><figcaption>OpenVPN-shared-key-example<\/figcaption><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>Select all text from the&nbsp;Shared Key textbox<\/li><li>Copy the text and save it to a file<\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"After_that_add_a_firewall_rule_on_the_WAN_interface_to_allow_access_to_the_OpenVPN_server\"><\/span>After that, add a firewall rule on the WAN interface to allow access to the OpenVPN server.<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<ul class=\"wp-block-list\"><li>Now goto <strong>Firewall &gt; Rules<\/strong>,&nbsp;<strong>WAN<\/strong>&nbsp;tab<\/li><li>After that, click&nbsp;on the<strong> Add<\/strong>&nbsp;button to create a new rule at the top of all rules<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"453\" height=\"57\" src=\"https:\/\/oracle.itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/pfsense-firewall-add-button.jpg\" alt=\"pfsense-firewall-add-button\" class=\"wp-image-3413\" srcset=\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/pfsense-firewall-add-button.jpg 453w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/pfsense-firewall-add-button-300x38.jpg 300w\" sizes=\"auto, (max-width: 453px) 100vw, 453px\" \/><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>Select<strong> UDP<\/strong> from the protocol dropdown option<\/li><li>In the Source address option. If the Site B  WAN interface has a dynamic IP address, then leave it to&nbsp;<strong>ANY<\/strong>. Otherwise, follow the below step for adding the rule to allow only from the WAN IP address of the client:<ul><li>Select&nbsp;<strong>Single Host or Alias<\/strong>&nbsp;from the&nbsp;<strong>Source<\/strong> dropdown menu<\/li><li>Enter the WAN address of the client in the&nbsp;<strong>Source Address<\/strong>&nbsp; field ( in this example it is 203.0.113.5)<\/li><\/ul><\/li><li>Select the <strong>WAN Address<\/strong> option from the&nbsp;<strong>Destination<\/strong>&nbsp;dropdown menu<\/li><li>Enter <em>1194<\/em> in both the &nbsp;<strong>Destination port<\/strong>&nbsp;fields<\/li><li>Enter a&nbsp;<strong>Description<\/strong>, such as Rule for VPN Site B<\/li><li>Click&nbsp;on <strong>Save<\/strong> to save the firewall rule.<\/li><li>Now click&nbsp;on <strong>Apply Changes<\/strong> to activate the rule. The rule will look like the image below.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"36\" src=\"https:\/\/oracle.itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/example-firewall-rule-for-VPN-1024x36.png\" alt=\"example-firewall-rule-for-VPN\" class=\"wp-image-3416\" srcset=\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/example-firewall-rule-for-VPN-1024x36.png 1024w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/example-firewall-rule-for-VPN-300x10.png 300w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/example-firewall-rule-for-VPN-768x27.png 768w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/example-firewall-rule-for-VPN.png 1148w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>Firewall Rule Example for VPN<\/figcaption><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Add_a_firewall_rule_to_OpenVPN_interface_at_Site_A\"><\/span>Add a firewall rule to OpenVPN interface at Site A<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>We have to add one more firewall rule to allowing traffic from the client-side LAN network to the Server-side LAN network through the VPN tunnel. For this, we add an &#8216;Allow All&#8217; rule in the OpenVPN tab.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Goto&nbsp;<strong>Firewall &gt; Rules<\/strong>,&nbsp;<strong>OpenVPN<\/strong>&nbsp;tab<\/li><li>Now click&nbsp;&nbsp;<strong>Add<\/strong>&nbsp;to create a new rule above all existing rules<\/li><li>After that, select <strong>Any<\/strong> from the <strong>Protocol<\/strong> dropdown menu<\/li><li>Now Enter a&nbsp;<strong>Description<\/strong>&nbsp;like &#8216;<em>Allow all from VPN Client<\/em>&#8216;<\/li><li>After that, click on&nbsp;<strong>Save<\/strong><\/li><li>Click&nbsp;<strong>Apply Changes<\/strong> to activate the rule and applying changes. The rule will look like the below image.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"31\" src=\"https:\/\/oracle.itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/example-allow-all-rule-for-vpn-1024x31.png\" alt=\"example-allow-all-rule-for-vpn\" class=\"wp-image-3417\" srcset=\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/example-allow-all-rule-for-vpn-1024x31.png 1024w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/example-allow-all-rule-for-vpn-300x9.png 300w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/example-allow-all-rule-for-vpn-768x24.png 768w, https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/example-allow-all-rule-for-vpn.png 1139w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Here our server configuration is finished. Now we have our working OpenVPN Server at Site A. So let&#8217;s move to the client-side configuration.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Configuring_OpenVPN_Client_in_pfSense_at_Site_B\"><\/span>Configuring OpenVPN Client in pfSense at Site B<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Goto <strong>VPN &gt; OpenVPN<\/strong>,&nbsp;<strong>Client<\/strong>&nbsp;tab in the client-side pfSense<\/li><li>Click on Add button to create a new OpenVPN client<\/li><li>Now fill the below fields as shown, and leave everything else as default<\/li><\/ul>\n\n\n\n<ol class=\"wp-block-list\"><li><strong>Server Mode<\/strong> &#8211; Select <strong>Peer to Peer (Shared Key)<\/strong> option from the dropdown menu<\/li><li><strong>Server host or address<\/strong> &#8211; Enter the public IP address or hostname of the OpenVPN server here (e.g.&nbsp;<code>198.51.100.3<\/code>)<\/li><li><strong>Description &#8211; <\/strong>Enter Description for the connection(e.g. VPN Server for Site A)<\/li><li><strong>Shared key<\/strong> &#8211; Uncheck&nbsp;<strong>Automatically generate a shared key<\/strong>&nbsp;option, then paste the shared key which we saved in a file during server configuration.<\/li><li><strong>Tunnel Network<\/strong> &#8211; Enter&nbsp;<strong>10.3.100.0\/30<\/strong>&nbsp;as our tunnel network (<strong>Tunnel Network must be same on both side<\/strong>)<\/li><li><strong>Remote network<\/strong> &#8211; &nbsp;Enter the LAN address of Site B,&nbsp;<strong>10.3.0.0\/24<\/strong><\/li><\/ol>\n\n\n\n<ul class=\"wp-block-list\"><li>Now click&nbsp;on <strong>Save<\/strong><\/li><\/ul>\n\n\n\n<h4 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Add_a_firewall_rule_to_OpenVPN_interface_at_Site_B\"><\/span>Add a firewall rule to OpenVPN interface at Site B<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>Again, We have to add one more firewall rule to allowing traffic from the Server-side LAN network to the client-side LAN network through the VPN tunnel. For this, we add an \u2018Allow All\u2019 rule in the OpenVPN tab.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Goto&nbsp;<strong>Firewall &gt; Rules<\/strong>,&nbsp;<strong>OpenVPN<\/strong>&nbsp;tab<\/li><li>Now click&nbsp;&nbsp;<strong>Add<\/strong>&nbsp;to create a new rule above all existing rules<\/li><li>After that, select&nbsp;<strong>Any<\/strong>&nbsp;from the&nbsp;<strong>Protocol<\/strong>&nbsp;dropdown menu<\/li><li>Now Enter a&nbsp;<strong>Description<\/strong>&nbsp;like \u2018<em>Allow all from VPN Tunnel<\/em>\u2018<\/li><li>After that, click on&nbsp;<strong>Save<\/strong><\/li><li>Click&nbsp;<strong>Apply Changes<\/strong>&nbsp;to activate the rule and applying changes.<\/li><\/ul>\n\n\n\n<p>As a result, here we completed the client-side configuration. Nothing more is required for OpenVPN configuration. You can just test the connection now.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Summary\"><\/span>Summary:<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>So in this article, we had learned OpenVPN configuration in the pfSense firewall. You can ask for any queries in the comment section. You can suggest to me if I missed something in the article.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Also Read: <a href=\"https:\/\/oracle.itsupportwale.com\/blog\/install-openlitespeed-on-ubuntu-16\/\" target=\"_blank\" rel=\"noreferrer noopener\" label=\"How To Install OpenLiteSpeed Web Server on Ubuntu 16.04 LTS (opens in a new tab)\">How To Install OpenLiteSpeed Web Server on Ubuntu 16.04 LTS<\/a><\/li><\/ul>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>OpenVPN is an open-source solution for implementing Virtual Private Network to create point-to-point or site-to-site connections. In this article, we will learn how to configure OpenVPN in the pfSense firewall. PfSense is an open-source firewall\/router based on FreeBSD currently supported by Netgate. Also Read: Install OpenLiteSpeed Web Server on Ubuntu Prerequisite: We have required at &#8230; <a title=\"OpenVPN pfSense 2.4 Setup in simple steps\" class=\"read-more\" href=\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/\" aria-label=\"Read more  on OpenVPN pfSense 2.4 Setup in simple steps\">Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":3405,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[507,498,510,511,2,505],"tags":[547,553,554,555,556,557,558],"class_list":["post-447","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-firewall-router","category-foss","category-openvpn","category-pfsense","category-tutorials","category-vpn","tag-openvpn-site-to-site","tag-pfsense-2-4-openvpn-setup","tag-pfsense-openvpn-client","tag-pfsense-openvpn-server","tag-pfsense-openvpn-setup","tag-pfsense-site-to-site-vpn","tag-pfsense-vpn-setup"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>OpenVPN pfSense 2.4 Setup in simple steps - ITSupportWale<\/title>\n<meta name=\"description\" content=\"In this article, we will learn how to configure OpenVPN Server and OpenVPN Client in the pfSense firewall for site-to-site connection by Shared Key Method.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OpenVPN pfSense 2.4 Setup in simple steps - ITSupportWale\" \/>\n<meta property=\"og:description\" content=\"In this article, we will learn how to configure OpenVPN Server and OpenVPN Client in the pfSense firewall for site-to-site connection by Shared Key Method.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/\" \/>\n<meta property=\"og:site_name\" content=\"ITSupportWale\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/Itsupportwale-298547177495978\" \/>\n<meta property=\"article:published_time\" content=\"2020-12-27T10:41:16+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-12-28T13:30:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Techie\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Techie\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/\"},\"author\":{\"name\":\"Techie\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/#\/schema\/person\/8c5a2b3d36396e0a8fd91ec8242fd46d\"},\"headline\":\"OpenVPN pfSense 2.4 Setup in simple steps\",\"datePublished\":\"2020-12-27T10:41:16+00:00\",\"dateModified\":\"2020-12-28T13:30:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/\"},\"wordCount\":1141,\"commentCount\":1,\"publisher\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario.jpg\",\"keywords\":[\"openvpn site to site\",\"pfsense 2.4 openvpn setup\",\"pfsense openvpn client\",\"pfsense openvpn server\",\"pfsense openvpn setup\",\"pfsense site to site vpn\",\"pfsense vpn setup\"],\"articleSection\":[\"Firewall\/Router\",\"FOSS\",\"OpenVPN\",\"pfSense\",\"Tutorials\",\"VPN\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/\",\"url\":\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/\",\"name\":\"OpenVPN pfSense 2.4 Setup in simple steps - ITSupportWale\",\"isPartOf\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario.jpg\",\"datePublished\":\"2020-12-27T10:41:16+00:00\",\"dateModified\":\"2020-12-28T13:30:56+00:00\",\"description\":\"In this article, we will learn how to configure OpenVPN Server and OpenVPN Client in the pfSense firewall for site-to-site connection by Shared Key Method.\",\"breadcrumb\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#primaryimage\",\"url\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario.jpg\",\"contentUrl\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario.jpg\",\"width\":1200,\"height\":600,\"caption\":\"openvpn-pfsense-scenario\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/itsupportwale.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"OpenVPN pfSense 2.4 Setup in simple steps\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/#website\",\"url\":\"https:\/\/itsupportwale.com\/blog\/\",\"name\":\"ITSupportWale\",\"description\":\"Tips, Tricks, Fixed-Errors, Tutorials &amp; Guides\",\"publisher\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/itsupportwale.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/#organization\",\"name\":\"itsupportwale\",\"url\":\"https:\/\/itsupportwale.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2023\/09\/cropped-Logo-trans-without-slogan.png\",\"contentUrl\":\"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2023\/09\/cropped-Logo-trans-without-slogan.png\",\"width\":1119,\"height\":144,\"caption\":\"itsupportwale\"},\"image\":{\"@id\":\"https:\/\/itsupportwale.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/Itsupportwale-298547177495978\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/itsupportwale.com\/blog\/#\/schema\/person\/8c5a2b3d36396e0a8fd91ec8242fd46d\",\"name\":\"Techie\",\"sameAs\":[\"https:\/\/itsupportwale.com\",\"iswblogadmin\"],\"url\":\"https:\/\/itsupportwale.com\/blog\/author\/iswblogadmin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"OpenVPN pfSense 2.4 Setup in simple steps - ITSupportWale","description":"In this article, we will learn how to configure OpenVPN Server and OpenVPN Client in the pfSense firewall for site-to-site connection by Shared Key Method.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/","og_locale":"en_US","og_type":"article","og_title":"OpenVPN pfSense 2.4 Setup in simple steps - ITSupportWale","og_description":"In this article, we will learn how to configure OpenVPN Server and OpenVPN Client in the pfSense firewall for site-to-site connection by Shared Key Method.","og_url":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/","og_site_name":"ITSupportWale","article_publisher":"https:\/\/www.facebook.com\/Itsupportwale-298547177495978","article_published_time":"2020-12-27T10:41:16+00:00","article_modified_time":"2020-12-28T13:30:56+00:00","og_image":[{"width":1200,"height":600,"url":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario.jpg","type":"image\/jpeg"}],"author":"Techie","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Techie","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#article","isPartOf":{"@id":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/"},"author":{"name":"Techie","@id":"https:\/\/itsupportwale.com\/blog\/#\/schema\/person\/8c5a2b3d36396e0a8fd91ec8242fd46d"},"headline":"OpenVPN pfSense 2.4 Setup in simple steps","datePublished":"2020-12-27T10:41:16+00:00","dateModified":"2020-12-28T13:30:56+00:00","mainEntityOfPage":{"@id":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/"},"wordCount":1141,"commentCount":1,"publisher":{"@id":"https:\/\/itsupportwale.com\/blog\/#organization"},"image":{"@id":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#primaryimage"},"thumbnailUrl":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario.jpg","keywords":["openvpn site to site","pfsense 2.4 openvpn setup","pfsense openvpn client","pfsense openvpn server","pfsense openvpn setup","pfsense site to site vpn","pfsense vpn setup"],"articleSection":["Firewall\/Router","FOSS","OpenVPN","pfSense","Tutorials","VPN"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/","url":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/","name":"OpenVPN pfSense 2.4 Setup in simple steps - ITSupportWale","isPartOf":{"@id":"https:\/\/itsupportwale.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#primaryimage"},"image":{"@id":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#primaryimage"},"thumbnailUrl":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario.jpg","datePublished":"2020-12-27T10:41:16+00:00","dateModified":"2020-12-28T13:30:56+00:00","description":"In this article, we will learn how to configure OpenVPN Server and OpenVPN Client in the pfSense firewall for site-to-site connection by Shared Key Method.","breadcrumb":{"@id":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#primaryimage","url":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario.jpg","contentUrl":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2020\/12\/openvpn-pfsense-scenario.jpg","width":1200,"height":600,"caption":"openvpn-pfsense-scenario"},{"@type":"BreadcrumbList","@id":"https:\/\/itsupportwale.com\/blog\/openvpn-pfsense-2-4-setup-in-simple-steps\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/itsupportwale.com\/blog\/"},{"@type":"ListItem","position":2,"name":"OpenVPN pfSense 2.4 Setup in simple steps"}]},{"@type":"WebSite","@id":"https:\/\/itsupportwale.com\/blog\/#website","url":"https:\/\/itsupportwale.com\/blog\/","name":"ITSupportWale","description":"Tips, Tricks, Fixed-Errors, Tutorials &amp; Guides","publisher":{"@id":"https:\/\/itsupportwale.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/itsupportwale.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/itsupportwale.com\/blog\/#organization","name":"itsupportwale","url":"https:\/\/itsupportwale.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/itsupportwale.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2023\/09\/cropped-Logo-trans-without-slogan.png","contentUrl":"https:\/\/itsupportwale.com\/blog\/wp-content\/uploads\/2023\/09\/cropped-Logo-trans-without-slogan.png","width":1119,"height":144,"caption":"itsupportwale"},"image":{"@id":"https:\/\/itsupportwale.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Itsupportwale-298547177495978"]},{"@type":"Person","@id":"https:\/\/itsupportwale.com\/blog\/#\/schema\/person\/8c5a2b3d36396e0a8fd91ec8242fd46d","name":"Techie","sameAs":["https:\/\/itsupportwale.com","iswblogadmin"],"url":"https:\/\/itsupportwale.com\/blog\/author\/iswblogadmin\/"}]}},"_links":{"self":[{"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/posts\/447","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/comments?post=447"}],"version-history":[{"count":0,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/posts\/447\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/media\/3405"}],"wp:attachment":[{"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/media?parent=447"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/categories?post=447"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itsupportwale.com\/blog\/wp-json\/wp\/v2\/tags?post=447"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}