search

Point to Site VPN Configuration

hashtag
Step 1: Prerequisites

  • Create a private network (VPC) without a router via Horizon.

  • Navigate to Project → Network → Networks → Create Network.

  • Example: Subnet - 192.168.7.0/24, Gateway IP - 192.168.7.1.

hashtag
Step 2: Create a Security Group

  • Navigate to Project → Network → Security Group → Create Security Group.

  • Allow any protocol for the pfSense Server.

hashtag
Step 3: Create a pfSense Server

  • Attach both Public and Private Interfaces (e.g., Server-0).

  • Assign the gateway IP.

  • Disable port security of the Private Interface.

hashtag
Step 4: Configure pfSense Interfaces

  • Set up the LAN and WAN interfaces inside pfSense Server.

hashtag
Step 5: Create a Temporary Windows Server

  • Create a Windows Server with a private interface (e.g., Server-1).

hashtag
Step 6: Access pfSense WebGUI

  • Log in using the default username and password.

hashtag
Step 7: Initial pfSense Setup

  • Complete the basic setup wizard as shown in the images.

hashtag
Step 8: Set Up Certificates and OpenVPN Server

  • Navigate to VPN → OpenVPN → Servers → Wizards.

  • Tunnel Network: 192.168.8.0/24.

  • Local Network: 192.168.7.0/24.

  • Edit the server settings as needed.

hashtag
Step 9: Install OpenVPN Client Export Package & Create Users

  • Install 'openvpn-client-export' from System → Package Manager → Available Packages.

  • Navigate to VPN → OpenVPN → Client Export to download the bundled configuration archive.

  • Ensure you have a user account set up with a user certificate created. This can be completed by selecting System > User Manager > Add. Select a username and Password, then click to create a user certificate. Give the certificate a name and ensure that the OpenVPN_CA that we created earlier is selected. Leave the rest as default and save.

hashtag
Step 10: Set up OpenVPN Client

  • On Browser search “OpenVPN Connect Download” and download the “Download.msi” file and install it.

  • Launch OpenVPN Connect and upload the configuration file.

  • Enter the username and password associated with the certificate.

  • Click 'Continue' to establish the connection.

hashtag
Step 11: Final Testing

  • From the OpenVPN client, ping the pfSense LAN IP to verify connectivity.

  • Verify VPN tunnel operation (client gets IP from 192.168.8.0/24).

  • Ensure correct routing between VPN subnet (192.168.8.0/24) and LAN subnet (192.168.7.0/24).

  • Confirm pfSense LAN interface (192.168.7.1) is reachable and responding.

PreviousHow to Attach Multiple Interfaces to an Instance?NextInstalling GUI and Configuring Multi User RDP on Ubuntu 22.04

Last updated