These instructions will walk you through adding a VPN user/client via OpenVPN's GUI. It is assumed you have administrator access to the pfSense firewall and are logged in.
Create Client Certificate
Navigate to Cert. Manager under the System menu at the top of the page:
Switch to the Certificates tab at the top:
Scroll all the way to the bottom and click + Add/Sign:
Leave all options alone except for:
- Descriptive Name: Enter a simple explanation such as "OpenVPN Client: Joe Tester Laptop" to describe the user and device the configuration will be used on. We recommend prefixing these with "OpenVPN Client:".
- Common Name: A shortened version of this, we recommend the style username-devicename, ie; joe-laptop
Using the above example, you'll end up with a screen like this:
Click Add once you're finished.
Export Client Configuration
The last thing to do is collect the installer/configuration bundle for the user.
Navigate to OpenVPN under the VPN menu at the top:
Switch to the Client Export tab:
Scroll until you find the certificate you just created:
Typically you'll want to use the Windows Vista and Later installer option for Windows users or the Viscosity Bundle for Mac users.
Note:
- The Windows Vista or Later installer is an .exe which contains both the OpenVPN client installer and the VPN config itself.
- The Viscosity exports do not include the Viscosity software itself, as it is not free. You'll want to point your users to the Viscosity download page or send them the installer separately.
Send The Files
Securely send these file(s) to the user (do not email them!), and have them install and connect, that's it.
