Beruflich Dokumente
Kultur Dokumente
Intro
In this document I try to explain how to configure ssl-based site-to-site tunnels using pfSense /1/ and
OpenWRT /2/. In this example I use shared key, because it’s easiest way to set up site-to-site
tunnel. Bad thing for this is that I can use only one tunnel/key, but it’s enough for me. This document
assume that reader have some experience how to use pfSense and OpenWRT.
Enviroment
Bellow is picture for this document example environment. WAN address for pfSense is picked up in
my head.
Generating key
Enter an option: 8
Step 3. Generate key
# openvpn --genkey --secret /tmp/myshared.key
Example key:
# more /tmp/myshared.key
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
ef9b9f0bff2268eb3966d6a408398db1
f7e6f9823402c76560d1ce25b8d46be4
1c58e656d2e7633d2481e74b9e328618
3c9e6a7528a46b2474bc08838ae19a4c
7f19878bd381cf8cfb0c4dc14fa52622
7360921e50710d0af689476388df0a25
54e1e86b2c9fcc4139dba763b97861bc
36cd477c6f293e8ca07e1bffaba697bf
948b65c213c5747cf0645fb7886bac4b
893953f697640dff961b95cfd8d2c0f3
ef976540e9c004ed72494648462496be
969a70e7d53910f3415f8d829bdb192e
b4aad90e91baec25cac0b260205823e9
e945938896fdd9d33a56c44b90cbd5ce
0d0373923e2cdd33192fdfb4d06399fd
9eb0321402aadb116004721c5249ce61
-----END OpenVPN Static key V1-----
Setup pfSense
This document assumes that you have existing and working pfSense environment.
Step 5. Restart your OpenWRT box and watch your pfSense firewall and OpenVPN logs.
Links
/1/ http://www.pfsense.com
/2/ http://www.openwrt.org
/3/ http://unixhelp.ed.ac.uk/vi/index.html
/4/ http://www.netfilter.org