pfSense OpenVPN server setup

1. System - Certificate Manager CAs (Certificate Authority) / Create a new Certificate Authority.
   System-Certificate Manger-CAs - Create new
   descriptive name ( pfsense firewall) or smth that you want
   method create an internal certificate authority
   fill State province city country etc
   
   
2. Create a SERVER certificate
   
   1. System\Certificate Manager\Certificates\ add
   2. Create an internal Certificate
   3. Name: company-vpn
   4. Common Name : "company"-cn
   5. Certificate type : Server Certificate
3. Create users... Go to : System - User manager and create the Users that you want to connect to vpn. Click to create a user certificate (new certificate from the same screen , by choosing the CA you just created on step1)
4. Create the OpenVPN server
   
   1. VPN\OpenVPN\Wizards
   2. Type of server : Local user access
   3. Cert authority : PfsenseFirewall
   4. Certificate: company-vpn
   5. Interface--- Chose what interface you want to connect from.
   6. Protocol UDP4 on IPV4 only
   7. Tunnel Network : Here you type the Internal network that your vpn's will connect through. (e.g. 10.20.30.0/24)
   8. check redirect gateway : ON/OFF choose
   9. Local network(s) : Type the LAN IP of the company. (e.g. 192.168.2.0/24)
   10. Concurrent connections : Number
   11. Interclient communication: ON
   12. DNS settings : the AD domain (e.g. mazars-gr.local)
   13. DNS Servers: the Domain Controller or the pfsense
   14. Click next
   15. Firewall Rule [x]
   16. OpenVPN rule [x]
       
       
5. Go to Firewall - Rules - (Interface you choose on 4.5)
   Find OpenVPN Remote-Access Wizard Rule and Edit.
   Change Destination from : (Interface) Adress to ----> any
6. VPN/ OpenVPN / Client Export
   Host Name Resolution: "company".dyndns.org
   Save as default.
7. Reboot pfsense in case you have restored configuration from basic setup. (because of domain name change , and hostname change)
8. IMPORTANT!! save pfsense configuration