Astrill Setup Manual:Setup OpenVPN on pfSense

From Astrill Wiki
Revision as of 16:21, 13 July 2020 by Irfan (talk | contribs)
Jump to navigation Jump to search

STEP 1: Download OpenVPN Configuration File

Login into your Astrill account.

PfSense-openvpn1.png


Then go to "VPN Services" tab.

PfSense-openvpn2.png


Go to "OpenVPN Certificates" option.

PfSense-openvpn3.png


Click on "Create new certificate".

PfSense-openvpn4.png



PfSense-openvpn5.png



PfSense-openvpn6.png



Select your desired mode UDP-Fast OR TCP-Reliable and click on download icon in front of your any desired server.

PfSense-openvpn7.png



STEP 2: Setup Certificates For OpenVPN

Login into pfSense through your browser

PfSense-wireguard4.png



Go to System tab and click on Cert. Manager.

PfSense-openvpn8.png



Select CAs tab and click on Add button.

PfSense-openvpn9.png



Open that OpenVPN .conf file in notepad which you downloaded on step 1.

PfSense-openvpn10.png



Copy the highlighted CA part from the notepad.

PfSense-openvpn11.png



Write a descriptive name and select Import an existing certificate authority from method option and paste the CA in Certificate Data field and click on Save button.

PfSense-openvpn12.png



Now go to Certificates tab and click on Add button.

PfSense-openvpn13.png



Go to notepad again and copy CERT part like highlighted in screenshot below.

PfSense-openvpn14.png



Select Import an existing Certificate from method option and type same descriptive name like you did in previous step and paste the CERT in Certificate Data field.

PfSense-openvpn15.png



Go to notepad and copy the KEY part as highlighted in screenshot below.

PfSense-openvpn16.png



Paste the KEY in Private Key Data field and click on Save button.

PfSense-openvpn17.png



STEP 3: Setup OpenVPN Client on pfSense

Now go to VPN tab and click on OpenVPN

PfSense-openvpn18.png



Select Clients tab and then click on Add button.

PfSense-openvpn19.png



Make these changes which are marked in screenshot below.

PfSense-openvpn20.png



Copy Remote address and Port which are marked in screenshot below. Note: You can use any random port between 1024-65535.

PfSense-openvpn21.png



Paste that Remote address and Port in marked fields.

PfSense-openvpn22.png



Go to notepad and copy TLS-AUTH key.

PfSense-openvpn23.png



Paste that key in TLS Key field and make those changes which are marked in screenshot below.

PfSense-openvpn24.png



Select mentioned NCP-Algorithms and make these changes.

PfSense-openvpn25.png



Select SHA1 (160-bit) for Auth Digest Algorithm and Intel RDRAND engine - RAND for Hardware Crypto.

PfSense-openvpn26.png



Go to notepad and copy all the highlighted text in the screenshot below.

PfSense-openvpn27.png