My network

  • Pfsense Server - This will be the OpenVPN server.
  • Pfsense Server IP: 10.50.0.0/24
  • MoFi 4G Router - This will be the OpenVPN client.
  • MoFi 4g Router IP: 192.168.1.0/24

Pfsense Setup

  • Server Setup: Server mode = Peer to Peer (Shared Key)
  • Protocol: TCP
  • Device Mode: tun
  • Interface: WAN
  • Port: 1194
  • Description: what ever makes you happy babby

Cryptographic Settings

  • Shared Key: Automatically generate a shared key
  • Encryption Algorithm: AES-128-CBC
  • Auth Digest SHA1 (160-bit)
  • Hardware Crypto: No Hardware Crypto

Tunnel Settings

  • IPv4 Tunnel Network: 10.2.2.0/24
  • IPv6 Tunnel Network:
  • IPv4 Remote network(s): 192.168.1.0/24
  • IPv6 Remote network(s):
  • Concurrent connections:
  • Compression: No Preference
  • Type-of-Service:
  • Duplicate Connection:
  • Disable IPv6:

Advanced Configuration

  • Custom options
push "route 10.50.0.0 255.255.255.0"
pull 192.168.1.0 255.255.255.0
  • Verbosity level: default


MoFi 4G Router

Lets setup the config file for openvpn.

Login to ssh on the MoFi Router.

cd /root && mkdir vpn
vi pf.conf
dev tun
persist-tun
persist-key
cipher AES-128-CBC
auth SHA1
resolv-retry infinite
proto tcp-client
remote SERVERIPorHOSTNMAE 1194
ifconfig 10.0.2.2 10.0.2.1
keepalive 10 60
ping-timer-rem
push "route 192.168.1.0 255.255.255.0"
route 10.50.0.0 255.255.255.0
<secret>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
YOUR SUPER SECRET KEY HERE
-----END OpenVPN Static key V1-----
</secret>

Now lets make it start at boot time!

vi /etc/rc.local
# Put your custom commands here that should be executed once
# the system init finished. By default this file does nothing.

screen -dm -S openvpn openvpn /root/vpn/pf.conf

exit 0