
FreeBSD 10.3 OpenVPN Server

July 13, 2017

How to install an OpenVPN server and send all traffic (including internet) through the VPN server.

Setup –
FreeBSD 10.3 server behind a pfSense box
Windows 10 client

I followed this guy’s site …

Link: https://ramsdenj.com/2016/07/25/openvpn-on-freebsd-10_3.html

Also follow the OpenVPN documentation on “pushing” DNS and routes if you want; the link is below. To push all traffic through the VPN server as a gateway, add the line below to your openvpn.conf file:

push "redirect-gateway def1"

Link: https://openvpn.net/index.php/open-source/documentation/howto.html

His write-up is spot on, but there are two things he doesn’t tell you. You have to turn up either PF or IPFW and configure NAT. Also, he doesn’t make you aware of the “tls-auth ta.key” setting. You can disable or enable this in the openvpn.conf file. The “ta.key” has to be copied to both client and server. I disabled mine as, after reading, it’s not a big security threat.

Once it is installed and you can connect to your server from your client, it’s time to turn up a NAT.

I used PF. Follow the FreeBSD Handbook setup for PF. Below is my pf.conf file. It is very simple. I do not have any firewall features because my server already sits behind a firewall.


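# NAT everything leaving re0 to re0's current address
nat on re0 from any to any -> (re0)

# No filtering: pass all traffic in and out
pass in all
pass out all keep state

# Traffic between the VPN network (tun0) and the network on re0
pass in on tun0 from tun0:network to re0:network keep state
pass out on re0 from tun0:network to re0:network keep state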

Once your NAT and PF are working, you should be good to go.
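
A small audit script for the settings this post depends on, added here as an example and not part of the original post or the linked guide: it checks openvpn.conf for an active redirect-gateway push and tls-auth line, ignoring directives that are only commented out, and lists the nat rules in pf.conf. The function names and the sample files it writes are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. All function names are illustrative.

# Print only active lines: drop '#' and ';' comments and blank lines, so a
# directive that is merely commented out is not counted as enabled.
# Simplification: a '#' or ';' inside a quoted string is treated as a comment.
active_lines() {
    sed -e 's/^[[:space:]]*//' -e 's/[#;].*$//' -e '/^$/d' "$1"
}

# Succeeds if the server pushes a default-route override to clients.
pushes_full_tunnel() {
    active_lines "$1" |
        grep -Eq '^push[[:space:]]+"redirect-gateway([[:space:]][^"]*)?"'
}

# Succeeds if tls-auth is active (ta.key must then exist on both ends).
tls_auth_enabled() {
    active_lines "$1" | grep -Eq '^tls-auth[[:space:]]+[^[:space:]]+'
}

# Print "<interface> <source>" for each pf nat rule, e.g. "re0 any".
nat_rules() {
    active_lines "$1" | awk '$1 == "nat" && $2 == "on" {
        src = "?"
        for (i = 3; i < NF; i++) if ($i == "from") src = $(i + 1)
        print $3, src
    }'
}

audit() {  # usage: audit OPENVPN_CONF PF_CONF
    if pushes_full_tunnel "$1"; then echo "redirect-gateway: pushed"
    else echo "redirect-gateway: not pushed"; fi
    if tls_auth_enabled "$1"; then echo "tls-auth: enabled"
    else echo "tls-auth: disabled"; fi
    nat_rules "$2" | while read -r ifc src; do echo "nat: on $ifc from $src"; done
}

if [ "$#" -eq 2 ]; then
    audit "$1" "$2"
else
    # Constructed sample input, used when no file paths are given.
    d=$(mktemp -d)
    printf '%s\n' ';push "redirect-gateway def1 bypass-dhcp"' \
        'push "redirect-gateway def1"' ';tls-auth ta.key 0' > "$d/openvpn.conf"
    printf '%s\n' 'nat on re0 from any to any -> (re0)' 'pass in all' > "$d/pf.conf"
    audit "$d/openvpn.conf" "$d/pf.conf"
    rm -rf "$d"
fi
```

Pass the paths of your own openvpn.conf and pf.conf as the two arguments to audit real files.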