pfSense OpenVPN - SSL VPN Server and Tunnels
OpenVPN in pfSense runs in userspace and uses SSL/TLS for traffic encryption. The protocol supports two operating modes: Remote Access for connecting individual clients and Peer-to-Peer (SSL/TLS) for site-to-site tunnels between locations. Unlike IPsec, OpenVPN can operate over TCP 443, allowing connections to be established in networks with restrictive filtering policies.
Authentication in OpenVPN is based on X.509 certificates managed by the pfSense built-in certificate authority. Additionally, username and password authentication is supported through the local database, LDAP, or RADIUS, enabling integration with Active Directory.
In This Section
- Remote Access Server - configuring an OpenVPN server for remote employees, certificate creation, firewall rules
- Site-to-Site Tunnel - connecting two sites via OpenVPN in Peer-to-Peer (SSL/TLS) mode
- Client Configuration Export - using the openvpn-client-export package to generate ready-made configuration files and installers