How can we help?

VyprVPN OpenVPN Setup for pfSense

  • Updated

Please note: We offer limited support for this configuration due to many variables that can cause connection or performance issues. We cannot guarantee VyprVPN's performance or functionality on your router.

Use the instructions below to configure OpenVPN on pfSense:

Get VyprVPN's OpenVPN cert file here. Download the file and open in notepad. Copy all the content to your clipboard.

Adding Cert to pfSense:

  1. System -> Certificate Manager -> Add
  2. Name: VyprVPN
  3. Certificate Data: Paste the text from the cert here.
  4. Click Save.

You will be redirected to the certificate page and should see an email address, valid dates, and other information.

Setup OpenVPN in pfSense:

  1. VPN -> OpenVPN -> Clients (tab) -> Add
  2. Server Mode: Peer to Peer (SSL/TLS)
  3. Protocol: UDP IPv4 and IPv6 on all interfaces (multihome)
  4. Device Mode: tun - Layer 3 Tunnel Mode
  5. Interface: WAN
  6. Server host or address: Enter the address of your preferred server location found here.
  7. Server port: 443
  8. Description: VyprVPN (or whatever server you used)
  9. Username: Your VyprVPN email address
  10. Password: Your VyprVPN account password
  11. TLS Configuration: (uncheck)
  12. Peer Certificate Authority: VyprVPN (the certificate we added earlier)
  13. Client Certificate: none
  14. Encryption Algorithm: AES-256-CBC
  15. Enable NCP: (uncheck)
  16. NCP Algorithms: AES-256-CBC
  17. Auth Digest Algorithm: SHA256
  18. Compression: Adaptive LZO Compression

In the Advanced Configuration:

Custom options: Copy the following into this section:

resolv-retry infinite
keepalive 10 60
persist-key
persist-tun
persist-remote-ip
verify-x509-name server.address name
verb 3
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA
redirect-gateway autolocal

Change the "server.address" in the above text to the same one you used above in step 6.

Next set, Verbosity level: 3 (recommended)

Click save. To confirm the VPN is established and working, click on the Graph Icon (Tool Tip: Related Status). You should now see Status as UP and have a new IP Address. At this point, you will lose the ability to surf the web, this brings us to our last needed configuration.

Configure the Firewall in pfSense:

  1. Firewall -> NAT -> Outbound (tab)
  2. Mode: Select the third option, Manual.
  3. Click Save. (This will populate some default mappings)

For each mapping you will do the following:

  1. Copy the mapping (Under actions, the Paper on top of a Paper icon)
  2. This will bring you into the edit mapping, here you will change the Interface to OpenVPN.
  3. Click Save.

After you have done this for all of the mappings (there should have been 4 by default, 8 when you have copied each rule), you will have access to the internet again and be tunneling through VyprVPN.

You can confirm your connection status here.

(Note: If you have an IPv6 address, you can use the steps below to disable it in pfSense firmware. Since VyprVPN does not support IPv6, your IPv6 address will be visible online if IPv6 is not disabled)

To disable IPv6:

  1. System -> Advanced -> Networking (tab)
  2. Allow IPv6: (uncheck)
  3. Click Save

If you need any further assistance, please contact our 24/7 Customer Success Team, who would be glad to assist.

Related articles