The chances are that if you use a pfSense-powered firewall or router, you are more than serious about your cyber-security. So, without any surprise, you’ll want to utilize a VPN service as well. Let’s talk about how to set up and use ExpressVPN on pfSense.Â
1. First, let’s help you get your ExpressVPN subscription. Â
2. You’ll land on ExpressVPN’s site, where you need to click on 'Get ExpressVPN.'
3. Now, pick a subscription plan (long-term ones come with considerable savings).Â
4. Enter your email address and then proceed to pay for your new subscription.Â
5. Once done, ExpressVPN will send you a confirmation email, so check your inbox.Â
6. This is when you need to return to ExpressVPN’s website (go to its home page).Â
7. Click on 'My Account' using the top-right placed menu (the website’s main menu).Â
8. Provide your ExpressVPN credentials and select 'Sign In.'
9. You’ll be asked for a verification code, which you can copy from your email inbox.Â
10. At this moment, you should be looking at your ExpressVPN online dashboard.Â
11. Select 'Set Up Other Devices' and expect to see a new page open.Â
12. Then, pick 'Manual Configuration' on the right. On the left, select 'OpenVPN.'
13. Make a note of your OpenVPN username and password (on the right side).Â
14. Just below, pick any VPN server and download its associated OVPN file.Â
15. Now, log in to your pfSense device and access its interface.Â
16. Using the top-placed navigation bar, go to System > Cert. Manager.Â
17. Select the CA tab and click on '+ Add.' Then, enter the following information.Â
18. Double-check if you’ve entered everything correctly. Then, click on 'Save.'
19. Now, select 'Certificates' and click on '+ Add.'
20. You’ll be asked for a series of information. So, use the following.
21. Recheck if you’ve entered everything correctly and hit the 'Save' button.Â
22. Using the top navigation bar, go to VPN > OpenVPN.
23. Select 'Clients' and click on the '+ Add' button.Â
24. You’ll be asked for various information again. So, check out just below.Â
25. Fill out the information in the 'General Information' group, based on the following.
26. Now, take a look at the 'User Authentication Settings' group.Â
27. Your username is found on your online dashboard (your OpenVPN username).Â
28. Your password is also found on your dashboard (OpenVPN password).Â
29. Then, fill out the 'Cryptographic Settings' fields based on the following.Â
30. Then, take a look at the 'Tunnel Settings' group of fields.Â
31. Fill them out based on the following information.Â
32. Now, you should see looking at the 'Advanced Configuration' group of fields.Â
31. First, make sure to take a look at the 'Custom Options' field.Â
32. Then, copy the following code.
fast-io;persist-key;persist-tun;remote-random;pull;comp-lzo;tls-client;verify-x509-name Server name-prefix;remote-cert-tls server;key-direction 1;route-method exe;route-delay 2;tun-mtu 1500;fragment 1300;mssfix 1450;verb 3;sndbuf 524288;rcvbuf 524288
33. Now, fill out the rest of the fields based on the following instructions.Â
34. Once you’ve entered the required information, go ahead and click on 'Save.'
35. We now need to route your WAN traffic through your VPN tunnel.Â
36. Using the top navigation bar, go to Interfaces > Interface Assignments.Â
37. Click on '+ Add,' and a new interface will be created.Â
38. For 'OPT 1,' make sure to select 'ovpnc1' and then go ahead with 'Save.'
39. Using the top navigation bar, go to Interfaces > OPT1.Â
40. Then, enter the required information based on the following.Â
41. Now, use the 'Save' button and then click on 'Apply Changes.'
42. Using the top navigation bar, go to Firewall > Aliases.Â
43. Once again, click on '+ Add,' and come up with a name for your network alias.Â
44. Then, enter the following information.Â
45. Save your changes and then go to Firewall > NAT > Outbound.Â
46. For 'Mode,' select 'Manual Outbound NAT Rule Generation.'
47. Once again, save your changes by using the Save > Apply Changes route.
48. Scroll down to 'Mappings,' where you should see your existing WAN connections.Â
49. For the first WAN connection entry, click on the Copy icon (below 'Actions').Â
50. For 'Interface,' make sure to select 'EXPRESSVPN.'
51. Don’t forget to save your changes.Â
52. Now, repeat that same process for any other WAN entries you might have.Â
53. Lastly, you need to create a rule for your local traffic. Go to Firewall > Rules.Â
54. Select 'LAN,' and then click on 'Add' on the far left.Â
55. Fill out the required information based on the following.Â
56. Finally, save and apply all your changed by going to Save > Apply Changes.Â
57. One more thing. You need to check whether your VPN connection works.Â
58. Go to Status > OpenVPN. Then, check for 'Up' in the 'Status' column.Â
That would be all on how to set up ExpressVPN on pfSense. We understand that this is a highly complex procedure. So, in case you have any questions or doubts, make sure to let us know via the comments section below. And lastly, thank you for reading!