Can someone please help me get AirVPN to work with pfSense?

BirdDad

Golden Member
Nov 25, 2004
1,131
0
71
All the tutorials have three certificates, all I get generated from it is two certificates and two keys a static and an RSA key.
 

CubanlB

Senior member
Oct 24, 2003
562
0
76
OpenVPN type setups (Usually) need the

VPN server Public Certificate (Lets you encrypt traffic to be sent to the server, and identifies that it is being sent to the correct server)
The clients Public Certificate (Lets the server encrypt data sent to you, and identifies that it is being sent to the correct client)
The clients private key (Lets you decrypt the data sent to you)
Someimes a TLS auth key - (your second key - this is a symmetrical key you need this to even start talking to the VPN server)

You also need to import the Public Cert of the CA that Signed AirVPNs VPN server public cert. (doesn't look like it in the instructions I found)

It would help if you provided the tutorial you are using.

You should have everything you need.

Read about what the certs and keys you have are
https://airvpn.org/topic/11245-how-to-set-up-pfsense-21-for-airvpn/#entry16200
 
Last edited:

BirdDad

Golden Member
Nov 25, 2004
1,131
0
71
I with some help have got it figured out that one was a key and not a cert
I just need help in getting this thing to work and I am going by the tutorial that you showed me. A lot of it is outdated and my version of pfSense either doesn't have it or it is different.
like the the DNS forwarder/vs resolver
 
Last edited:

mxnerd

Diamond Member
Jul 6, 2007
6,799
1,102
126
You have to disable DNS resolver in order to set DNS forwarder.

The instruction Step 6 mistakenly states that you have to disable DNS forwarder, it's wrong.

If you don't disable DNS resolver, you will get an error whenyou try to save DNS forwarder settings.

You can use any public DNS like

Level3 4.2.2.1, 4.2.2.2 or
Google 8.8.8.8, 8.8.4.4 or
OpenDNS 208.67.222.222 . 208.67.220.220, etc.,

or
https://airvpn.org/specs/ like 10.4.0.1, 10.5.0.1 etc, I think. (Maybe not if you are not connecting to AirVPN)

in System menu, General Setup, DNS servers
 
Last edited:

Red Squirrel

No Lifer
May 24, 2003
68,656
12,719
126
www.anyf.ca
I find the DNS forwarder in pfsense can be flaky at times, like sometimes it will randomly stop resolving a specific internal domain from a specific box. Rebooting the forwarder services fixes it temporarily.

Also is the VPN server sitting on the network or are you trying to do it within pfsense? I find that when I setup my VPN server I had to set it up in it's own vlan. Pfsense has a built in security rule that will not allow traffic to come out of the same interface it come out on. So basically speaking if you are connected to the VPN from a remote location and try to connect to a server that's on the same vlan as the VPN server, the traffic goes out of that interface to the pfsense server, then is routed back to that same interface, and pfsense blocks this. So I ended up creating a separate vlan for just the VPN server and now everything works. I also found that setting up a separate openvpn server was easier than doing it in pfsense, as there is more tutorials online for setting up openvpn directly.