I have openvpn setup on pfsense. Now I am trying to figure out how to get my ubuntu/gnome laptop to connect. Im exporting different things and looking for tutorials on the internet. The gui just hangs when I offer it files. Was working on some command lines attempts but none of the instructions I can find matches up right with the files I can export from the pfsense webgui.
Anyone have a good strategy for this or better instructions?
Have you read https://doc.pfsense.org/index.php/OpenVPN_Remote_Access_Server#OpenVPN_Client_Export_Package ? http://askubuntu.com/questions/27168/config-import-on-network-manager-openvpn seems to be helpfull aswell.
I's suggest you do what the best answer there said:
openvpn --config /path/to/config.ovpnThen report back results!
If you want to use the gui there is an openvpn plugin for network manager. I can't remember what it's called but if you search in the software centre you should find it. From there you can just import the config file you export from pfsense.
I'd export the archive for use with the plugin as it has the keys separate, you'll also need to export the keys with a password.
If you want to use the command line you could try exporting the config only option or using the config from the archive and making sure it has the correct path to your keys. Or you could try using the inline version from the android export options as that will include all the keys in the config file.
Also if you have your openvpn server set on your wan interface and you're trying to connect your laptop when your laptop is on you're LAN then it won't work. You'll need to try from outside your network or change your open VPN server to the LAN interface (at least to test that you can connect).
You can also set up nat reflection so LAN devices can connect to things on the wan interface but I can't remember how to do that in pfsense off the top of my head, I think it's in the advanced settings somewhere probably under the firewall or networking tab.
...But make sure to also test without the GUI, which is called network-mamager-openvpn-gnome btw., since it's quite buggy.
And if you can't get it working remember to check the logs. On pfsense it's under status>system logs>openvpn and in Linux it's /var/logs/syslog. It might also be worth setting the verbosity to 4 which you can do at the bottom of the server infighting pages or add/change the line verb 4 to the client config. That way you can figure out what the issue is.
I read these documents yes and was following another recommendation that put the certs and key files into separate files and pointed to them from the main. I will try this instead at max1220s ask Ubuntu link. Also I did not know I had to do it from the outside so Ill do that today thanks everyone who answered.
Hak5 on Youtube have just done a two part tutorial on OpenVPN on Ubuntu. It's not quite what you are looking for as regards pfsense, but it may give you some pointers to a solution.
Here is how I do it, I wrote these instructions the other day so I'll just link to them. The only difference with this is you'll want to use your exported openvpn configuration and .ca cert if you use that
I think ive gotten close with the command line. The problem now is that it cant find the key file and the like that are referenced in the original. Says file not found. How would I reference that correctly? They are in the same directory with the main config file that it must be reading to look for the others. And in the file it just lists the names of the files without a directories which kinda makes sense to me. They are all in ~/openvpn/ and so I tried that in front of the file names but it doesnt work. Anyone know the trick with this?
Gave up on figuring out how it works with the paths and just stuck them in my home directory. Failed the first time repeated with sudo and now got it through the initialization sequence just for it to hang and now try to repeat on time out.
I'm pretty sure the paths are relative to openvpn, not the config file. I think if you put them in /etc/openvpn it will work or you could just use the full path (/home/user/openvpn/user.key for example)
I've been using the openvpn appliance on my php virtual box virtual server (freenas jail).
It's all seat licencing, and only 2 seats with the free licence, but it makes setup very, very easy.
https://openvpn.net/index.php/access-server/download-openvpn-as-vm.html
I believe that there's also some sort of GUI called gadmin. It also might be included in Webmin, but I wouldn't suggest that. Just use full paths. It also might be relative to the CWD.
I can probably help with your issues.
If you still want to get this going let me know. I have got OpenVPN working a few ways (CLi and the NetworkManager module including some natty scripts to identify by network if I should be using the VPN on my Laptop). Give me a shout on here if you still want to get this going.