Purpose of this guide
The aim of this guide is to show how to configure our Apple device running iOS with OpenVpn on a pfSense firewall using the free OpenVPN Client App.
The configuration is really simple and is now stable and super tested for years. In particular, installation on iOS is particularly simple, even for non-professionals.
This guide can also be applied to OPNsense without particular changes.
Applicable from pfSense 2.3 onwards.
This guide is made with pfSense 2.4.4.
The OpenVPN server must be already configured and functional, as shown and illustrated in the guide: https://www.firewallhardware.it/en/create-a-road-warrior-vpn-client-to-gateway-with-pfsense-and-openvpn/
To create this guide we used an A1 Server (https://www.firewallhardware.it/a1-server/) but it can also work with the cheapest firewalls starting from the famous APU2 NIC (https://www.firewallhardware.it / apu2-2nic /).
As an Apple device, we used an iPhone 6. Intentionally not one of the latest models to show that compatibility is also extended to older models.
Installation of OpenVPN on iOS:
First we go to the App Store and download the OpenVpn Client (https://itunes.apple.com/us/app/openvpn-connect/id590379981) and install the app on our Apple Device.
Once the installation is complete, the application should appear as shown in the figure below:
At this point we create a user and the relative certificate as shown in our guide: https://www.firewallhardware.it/en/create-a-road-warrior-vpn-client-to-gateway-with-pfsense-and-openvpn/
Let’s go to our pfSense and look for the menu: VPN – OpenVPN – Client Export.
Let’s scroll down the page:
We download the OpenVPN Connect package (iOS / Android) see red dot in the figure.
The downloaded package will contain a single file.
At this point we just have to send the package you just downloaded to an email address configured on the Apple iOS device.
Let’s go to our MAC device, open the mail and we will see that the file will be displayed with the OpenVPN icon as shown in the figure:
We select the file attached with the OpenVPN icon.
If the OpenVPN App is correctly installed on our Apple device we will see the Copy to OpenVPN choices.
We then select Copy to OpenVPN. The App should therefore import the certificate into it. The result should be:
At the bottom left we select ADD to import the certificate on our Apple device.
We complete the username field with the username set on the certificate downloaded from pfSense, in this case test1 and we put the password here also previously set on pfsense.
Note: the password set on pfSense means the one entered in the menu: System – User Manager – Users.
We answer Allow to the question.
We finished! Now our Apple iPhone or Tablet is ready to test the VPN connection.
As shown in the figure below, let’s try to activate the VPN connection:
In case of errors, it will be possible to consult the activity log by pressing the icon at the top right next to the word Profiles.
Remember that this guide can also be used to connect OPNsense devices using the same OpenVPN Client application and the same configurations.
In case of problems in the connection it is probable that the problem lies in the configuration of the pfSense, that is server side. The advice is to consult the following guide: https://www.firewallhardware.it/en/create-a-road-warrior-vpn-client-to-gateway-with-pfsense-and-openvpn/