Guide

pfSense: OpenVpn configuration on Apple iPhone, Tablet and iOS

Purpose of this guide

The aim of this guide is to show how to configure our Apple device running iOS with OpenVpn on a pfSense firewall using the free OpenVPN Client App.

The configuration is really simple and is now stable and super tested for years. In particular, installation on iOS is particularly simple, even for non-professionals.

This guide can also be applied to OPNsense without particular changes.

Software prerequisites:

Applicable from pfSense 2.3 onwards.

This guide is made with pfSense 2.4.4.

The OpenVPN server must be already configured and functional, as shown and illustrated in the guide: https://www.firewallhardware.it/en/create-a-road-warrior-vpn-client-to-gateway-with-pfsense-and-openvpn/

Used Hardware

To create this guide we used an A1 Server (https://www.firewallhardware.it/a1-server/) but it can also work with the cheapest firewalls starting from the famous APU2 NIC (https://www.firewallhardware.it / apu2-2nic /).

As an Apple device, we used an iPhone 6. Intentionally not one of the latest models to show that compatibility is also extended to older models.

Installation of OpenVPN on iOS:

First we go to the App Store and download the OpenVpn Client (https://itunes.apple.com/us/app/openvpn-connect/id590379981) and install the app on our Apple Device.

VPN iPhone

Once the installation is complete, the application should appear as shown in the figure below:

VPN iPhone

At this point we create a user and the relative certificate as shown in our guide: https://www.firewallhardware.it/en/create-a-road-warrior-vpn-client-to-gateway-with-pfsense-and-openvpn/

Let’s go to our pfSense and look for the menu: VPN – OpenVPN – Client Export.

Let’s scroll down the page:

VPN Iphone

We download the OpenVPN Connect package (iOS / Android) see red dot in the figure.

The downloaded package will contain a single file.

At this point we just have to send the package you just downloaded to an email address configured on the Apple iOS device.

Let’s go to our MAC device, open the mail and we will see that the file will be displayed with the OpenVPN icon as shown in the figure:

VPN iPhone

We select the file attached with the OpenVPN icon.

VPN Iphone

If the OpenVPN App is correctly installed on our Apple device we will see the Copy to OpenVPN choices.

We then select Copy to OpenVPN. The App should therefore import the certificate into it. The result should be:

VPN iPhone

At the bottom left we select ADD to import the certificate on our Apple device.

VPN iPhone

We complete the username field with the username set on the certificate downloaded from pfSense, in this case test1 and we put the password here also previously set on pfsense.

Note: the password set on pfSense means the one entered in the menu: System – User Manager – Users.

VPN Iphone

We answer Allow to the question.

We finished! Now our Apple iPhone or Tablet is ready to test the VPN connection.

VPN iPhone

As shown in the figure below, let’s try to activate the VPN connection:

VPN iPhone

In case of errors, it will be possible to consult the activity log by pressing the icon at the top right next to the word Profiles.

Remember that this guide can also be used to connect OPNsense devices using the same OpenVPN Client application and the same configurations.

In case of problems in the connection it is probable that the problem lies in the configuration of the pfSense, that is server side. The advice is to consult the following guide: https://www.firewallhardware.it/en/create-a-road-warrior-vpn-client-to-gateway-with-pfsense-and-openvpn/

  ti posso interessare anche