Configure pfSense with OpenVPN Premium



    This tutorial applies to one ActiVPN server – you will have to repeat it if you want to use several servers at different points in time. For this tutorial we are going to use the US-2 server.
    I will go through the steps detailing the specificities of ActiVPN. However please visit mpboden’s tutorial (linked at the top) for very informative additional info on certificate validation, and especially routing.

  • This tutorial applies to pfSense version 2.1.1 and later and will allow you to route all or some of your equipment through your pfSense firewall.

  • This tutorial assumes the following:

  • You have a current subscription to ActiVPN with a valid username and password.
  • You are using pfSense version 2.1.1 or newer
  • You have pfSense setup and configured as a base installation with a single WAN interface connected to a modem and a single LAN interface with one or more clients
  • Firewall LAN rules have a default "Allow All"


  • VPN android


Getting Started


We need to acquire a few things first. Download the zip configuration from the activation email you received. This supplies their .crt and .ovpn files, which include the names of their servers. You won't be using any of the .opvn files directly, but you can view them in a text editor to get the name of a specific server you want to connect to. Additionally, you'll need your username and password, which were provided to you by ActiVPN. We'll be using these later.

Next, log into your pfSense administration panel. Now let's go through the following steps in greater detail:

  • Create CA Certificate
  • Create password file to store your ActiVPN username and password
  • Create/configure an OpenVPN Client
  • Create/configure an OpenVPN interface
  • Configure Outbound NAT rules
  • Verify OpenVPN Service


Create CA Certificate



  • 1. Select menu item: System->Cert Manager
  • 2. Select CAs tab
  • 3. Click Plus symbol to add CA Certificate
  • 4. Configure as follows:
  • • Descriptive name = ActiVPN-US2
  • • Method = Import an existing Certificate Authority
  • • Certificate data = (copy/paste your ca-us-2.crt certificate provided by ActiVPN)
  • -----BEGIN CERTIFICATE-----
    ...
    ...
    ...
    -----END CERTIFICATE-----

  • 5. Certificate Private Key = (leave blank)
  • 6. Serial for next certificate = (leave blank)
  • 7. Click the Save button




Get this VPN - Configure pfSense with OpenVPN Premium