Astrill Setup Manual:Setup OpenVPN on pfSense: Difference between revisions
No edit summary
No edit summary
|Line 147:||Line 147:|
|Line 159:||Line 159:|
and in screenshot below.
Revision as of 16:43, 13 July 2020
STEP 1: Download OpenVPN Configuration File
Login into your Astrill account.
Then go to "VPN Services" tab.
Go to "OpenVPN Certificates" option.
Click on "Create new certificate".
Select your desired mode UDP-Fast OR TCP-Reliable and click on download icon in front of your any desired server.
STEP 2: Setup Certificates For OpenVPN
Login into pfSense through your browser
Go to System tab and click on Cert. Manager.
Select CAs tab and click on Add button.
Open that OpenVPN .conf file in notepad which you downloaded on step 1.
Copy the highlighted CA part from the notepad.
Write a descriptive name and select Import an existing certificate authority from method option and paste the CA in Certificate Data field and click on Save button.
Now go to Certificates tab and click on Add button.
Go to notepad again and copy CERT part like highlighted in screenshot below.
Select Import an existing Certificate from method option and type same descriptive name like you did in previous step and paste the CERT in Certificate Data field.
Go to notepad and copy the KEY part as highlighted in screenshot below.
Paste the KEY in Private Key Data field and click on Save button.
STEP 3: Setup OpenVPN Client on pfSense
Now go to VPN tab and click on OpenVPN
Select Clients tab and then click on Add button.
Make these changes which are marked in screenshot below.
Copy Remote address and Port which are marked in screenshot below. Note: You can use any random port between 1024-65535.
Paste that Remote address and Port in marked fields.
Go to notepad and copy TLS-AUTH key.
Paste that key in TLS Key field and make those changes which are marked in screenshot below.
Select Client Certificate and for Encryption Algorithm select AES-256-CBC (256 bit key, 128 bit block).
Select SHA1 (160-bit) for Auth Digest Algorithm and Intel RDRAND engine - RAND for Hardware Crypto.
For Compression and Topology select those options which are marked in screenshot below.
Go to notepad and copy all the strings which are highlighted in the screenshot below.
Paste these strings in Custom Options and make sure to separate every string using semicolon. Also make these changes which are marked in the screenshot below and click on Save button.
Now go to Status tab and select OpenVPN.
On this page, you can connect and disconnect OpenVPN.