Search the Community
Showing results for tags 'ssh tunnel'.
Found 1 result
-
Ive been looking for an ssl tunneling tutorial for pfsense 2.x, but I havent found one that covers every step so Im sharing how I did it. The contents of this tutorial is to be considered as work in progress, I wrote this on the fly and because of this it might be rough around the edges. Before you begin, I strongly recommend that you make a backup/restore of your current psense config to an external harddrive before making any attempt to any manual editing of the pfsense configuration. There are some basic requirements for this is guide: 1. You need to have completed the pfsense fresh install tutorial or have an older pfsense rig with working internet access. 2. You also need program that can open and read the airvpn config files, this program will be required later on in this guide, Im using a program called notepad++, its lightweight and free, you can download it from their website, https://notepad-plus-plus.org Now lets begin downloading the ssl/ssh files from airvpn website. 1.0 Login to airvpn website and go to client area and click on "config generator" in the leftside menu. Please understand that the ssl/ssh files are only available for downloading if you have selected any of these 3 operative systems: windows, linux or os x. 1.1 Now scroll down to "connection modes" and check the box for advanced mode. Select your preferred direct connection protocol(s) and port(s), then select the ssh/ssl tunnel configs that you want to use, select separate keys/certs from .ovpn file and save them to a folder on your pc. Creating and modifying files in pfsense using the GUI for "diagnostics" and "edit file". In the previous step we have already downloaded the ssl/ssh tunneling config files from airvpn.org, and now we are going to create 3 empty files in the pfsense root folder. While being logged in as admin on pfsense go to the GUI for "diagnostics" and click on "edit file", this will open the page where we can create and modify the required folders and files. As an tutorial example this is how it could look like. /root/AIRVPN_UDP-443.ovpn /root/AIRVPN_SSL-443.ssl /root/stunnel.crt For more advanced and experienced users that know what they are doing: /root/AirVPN *insert the name of your config file here*.ovpn /root/AirVPN *insert the name of your config file here*.ssl /root/stunnel.crt Now its time to copy the data from the airvpn config files on the PC and paste them directly into the newly created empty files on pfsense After the empty files has been created in the root folder of pfsense we need to go back to the PC and open folder where we saved the airvpn config files that we saved to the hardrive earlyer. Copying the *.ovpn file. Right click with the mouse on the airvpn config file on your PC that ends with *.ovpn, select to "open with", then select notepad++ in the dropdown menu. Locate the PC folder that you saved the airvpn.org *.ovpn configuration files to, use the notepad++ program to open and copy the information inside configuration file that ends with *.ovpn, then go back to pfsense and go to the GUI for "diagnostics" and "edit file", click on "browse" and select the file that ends with *.ovpn, click on "load", and paste the content from the airvpn ssl file directly into the corresponding file on pfsense, when you are done editing click on the button called "save". Copying the *.ssl file(s) ( this step also applies for *.ssh files ). In pfsense GUI for "diagnostics" and "edit file", click on the button called "browse" and navigate back to the /root folder where we created 3 empty files earlyer. Locate the PC folder that you saved the airvpn.org ssl/ssh configuration file(s) to, use the notepad++ program to open and copy the information inside configuration file that ends with *.ssl, then go back to pfsense and go to the GUI for "diagnostics" and "edit file", click on "browse" and select the empty file that ends with *.ssl, click on "load", and paste the content from the airvpn ssl file directly into the corresponding file on pfsense, when you are done editing click on the button called "save". Copying the stunnel.crt file. The last file that needs to be copied and pasted is stunnel.crt: On your pc, click on the stunnel.crt file and select "edit with notepad++" Locate the PC folder that you saved the airvpn.org *.stunnel.crt configuration file to, use the notepad++ program to open and copy the information inside configuration file, then go back to pfsense and go to the GUI for "diagnostics" and "edit file", click on "browse" and select the corresponding file, click on "load", and paste the content from the airvpn stunnel.crt file directly into corresponding file on pfsense, when you are done editing click on the button called "save". Now we are going to download and install the pfsense package called "Stunnel". Login to pfsense as admin and go to system/packages, click on the tab called security and install the package called "stunnel" from there. Time to use the execute shell command. While being logged in to pfsense GUI as admin go to the "diagnostics" page and open the "command prompt page". In the command prompt page look for a field called "Execute shell command". The command syntax: stunnel /root/*insert the name of your config file here*.ssl ( then click on the button called "EXECUTE" ) ( each time pfsense is rebooted you need to re-enter this command ) openvpn /root/*insert the name of your config file here*.ovpn ( then click on the button called "EXECUTE" ). Creating a new OPENVPN client profile. Go to the pfsense GUI for vpn/openvpn/client and select add new openvpn client, then use the notepad++ to open the config file on your PC and copy and paste the data into your new openvpn client configuration. !! Makesure that the vpn service doesnt automaticly start in the background before you proceed with the next steps as described below this line. !! Assigning interfaces. Go to pfsense and to the GUI for interface assignments, and assign a network port for your airvpn ssl tunnel. Optional steps before starting the ssl/ssh tunnel. Reload filters & reset states Now its time to start the vpn ssl/ssh tunnel. While being logged in to pfsense GUI as admin go to the "diagnostics" page and open the "command prompt page". In the command prompt page look for a field called "Execute shell command". The command syntax: stunnel /root/*insert the name of your config file here*.ssl ( then click on the button called "EXECUTE" ) ( you might need to re-enter this command each time pfsense restarts ) openvpn /root/*insert the name of your config file here*.ovpn ( then click on the button called "EXECUTE" ). Issues and post install problem solving. If the GUI for status/dashboard at this point shows a green 0.0.0.0 you need to stop and restart the vpn service.