In “Local Network” instead we will indicate the LAN network to which you want to give remote access, if there are multiple LAN networks to which we want to give access, you can enter them by separating them with a comma.At this point the wizard asks us if we want to insert the Firewall Rule associated with the WAN interface and the one with the OpenVPN virtual interface, by ticking both will automatically create.Let’s now see in detail the completed server configuration, as anticipated it is a basic configuration but we can always restrict security, for example by setting the maximum number of client accesses in “Concurrent connections”, or increase the level of encryption. In the “Cryptographic Settings” section we can leave everything by default.In the “Tunnel Settings” section it will be necessary to indicate a “Tunnel Network” that we could choose at random, making sure that it is not the same as other known networks or public networks, in fact it is the virtual network that will use the VPN. In the “Description” item we choose the name with which we want to identify the server. We choose the protocol to be used and the port dedicated to the service (default for OpenVPN is UDP 1194). It is appropriate to consider that the port that we will choose for the VPN must be open on the listening interface, therefore if we are behind a Router of some ISP it will be necessary to be able to open the door to the interface of our Firewall, if instead we have the possibility of having a Public IP address directly configured on the Firewall interface will be sufficient to create an associated rule (as we will see later). In the “Interface” item we select the interface on which we want our service to listen, if we have more than one WAN interface we choose the one we want to dedicate to the service, if we want later we can select multiple interfaces for greater redundancy. Let’s start by selecting Local User AccessAt this point it is time to create our CA, as a necessary parameter we must enter a “Descriptive name” that will allow us to identify it, while all the other parameters can be left by default.Let’s move on to creating the Server Certificate to be associated with our VPN server, as perl the CA will require a “Descriptive name” and leave the other default parameters.Now the actual VPN server configuration. We also proceed from the convenient Wizard that will allow us to easily create our CA (Certification Authority), the Server Certificate and the configuration of the RW VPN Server these components can also be created individually.
Correct operation can be verified by the icon which will turn white.Or by positioning the cursor over the icon, a popup will be shown with the information relating to the connection.First of all, from our top menu, go to VPN/ OpenVPN/ Servers. To connect to the VPN, select the Tunnelblick icon and select the loaded profile.Login credentials will be requested.Once inserted and given OK, the VPN will activate. As explained in the instructions, to load the VPN configuration, simply drag the configuration file to the icon of Tunnelblick:Or click on the tunnelblick icon and select VPN DetailsAnd dragging the file into the configuration section.You will be asked whether to save the configuration for the single user or for all users on the PC.The configuration has now been loaded. The Tunnelblick icon will be present in the menu bar. Selecting “ I have no configuration file” a folder containing an example configuration file will be created on the desktop, and the editor will automatically open to edit the file. We recommend downloading the latest Stable version availableOnce downloaded, run the downloaded programDouble click on Tunnelblick iconAllow the opening of the applicationClick Continue and we will receive the notice of successful installation of the program.Automatically the program starts and asks us if we already have a configuration file.īy selecting the “ I have a Configuration file” option, the instructions for uploading the VPN configuration file are shown. Mojave, quite similar to the other versions.ĭownload the version of Tunnelblick. This guide shows you how.[ Tunnelblick installation for MacOS
#Pfsense openvpn tunnelblick install#
To connect our MAC to the corporate VPN system, we need to download, install and configure the Tunnelblick program and the digital certificate of the VPN.