Install OVPN on pfSense

1. Change DNS servers

Navigate to System -> General Setup.

Change the DNS servers in the list to 46.227.67.134 and 192.165.9.158

Deselect, so that Allow DNS server list to be overridden by DHCP/PPP on WAN is not chosen

Select, so that Do not use the DNS Forwarder or Resolver as a DNS server for the firewall is chosen

Save the changes.

2. Create CA certificate

Navigate to System -> Cert manager.

Click on the plus (+) icon. Afterwards, alter these settings:

Descriptive name	OVPN
Method	Import an existing Certificate Authority
Certificate data	You must be logged in to see this.
Certificate Private Key (optional)	(leave blank)
Serial for next certificate	(leave blank)

Save the changes.

3. Configure OpenVPN

Navigate to VPN -> OpenVPN. Click on the Client tab.

Click on the plus (+) icon. Afterwards, alter these settings

Save the changes.

4. Create OpenVPN interface

Navigate to Interfaces -> (assign).

Click on the plus (+) icon to create interface ovpnc1 (OVPN client). Afterwards, click on OPT1.

Select, so that Enable is chosen. Save your changes and click on Apply changes.

5. Configure NAT

Navigate to Firewall -> NAT. Click on the Outbound tab.

Select, so that Manual Outbound NAT rule generation (AON - Advanced Outbound NAT) is chosen. Save your changes and click on Apply changes.


The next step is to duplicate all existing rules, but changing the interface to OVPN. To duplicate a rule, click on the plus (+) icon next to the rule.

Change Interface to OPT1. You should also alter the Description in order to clarify that the rule is for OPT1. Save your changes.

When all the rules have been duplicated, commit your changes by clicking on Apply changes.

6. Start OpenVPN

Navigate to Status -> OpenVPN. Click on the Outbound tab.

Click on the icon that looks like a Play button in order to start OpenVPN. If OpenVPN is already running, we suggest restarting it.

7. Finished

You should now be connected to OVPN and be able to browse the internet safely. To make sure everything was set up correctly, please check the dashboard and verify that all tests pass.