Install OVPN on pfSense

1. Change DNS servers

Navigate to System → General Setup.

Change the DNS servers in the list to:

46.227.67.134
192.165.9.158

Deselect, so that Allow DNS server list to be overridden by DHCP/PPP on WAN is not checked

Select, so that Do not use the DNS Forwarder or Resolver as a DNS server for the firewall is checked

Save the changes.

2. Create CA certificate

Navigate to System → Cert manager.

Click on the plus (+) icon. Afterwards, alter these settings:

Create/Edit CA

Descriptive name	OVPN
Method	Import an existing Certificate Authority

Existing Certificate Authority

Certificate data	You must be logged in to see this.
Certificate Private Key (optional)	(leave blank)
Serial for next certificate	(leave blank)

Save the changes.

3. Choose how you want to connect to OVPN

You need to be logged in to download the configuration files. Once you're logged in, you will find the files here.

4. Configure OpenVPN

Navigate to VPN → OpenVPN. Afterwards click on tab Clients.

Click on the plus (+) icon. Afterwards, alter these settings

You must be logged in to see this.

5. Create OpenVPN interface

Navigate to Interfaces → Assignments.

Click on the plus (+) icon to create interface ovpnc1 (OVPN client). Afterwards, click on OPT1.

Select, so that Enable interface is checked. Save your changes and click on Apply changes.

6. Configure NAT

Navigate to Firewall → NAT. Afterwards click on tab Outbound

Select, so that Manual Outbound NAT rule generation (AON - Advanced Outbound NAT) is checked. Save your changes and click on Apply changes.

The next step is to duplicate all existing rules, but changing the interface to OVPN. To duplicate a rule, click on the duplicate icon (the middle icon) next to the rule

Change Interface to OPT1. You should also alter the Description in order to clarify that the rule is for OPT1. Save your changes.

When all the rules have been duplicated, commit your changes by clicking on Apply changes.

7. Start OpenVPN

Navigate to Status → OpenVPN

Click on the icon that looks like a Play button in order to start OpenVPN. If OpenVPN is already running, we suggest restarting it.

8. Finished

You should now be connected to OVPN and be able to browse the internet safely. To make sure everything was set up correctly, please check the dashboard to verify that you are connected.