Open OpenVPN/PIA Issues in PFsense - Peer Certificate Authority

DIY · December 14, 2023, 4:16pm

Hello all

I am really struggling to get OpenVPN functioning on my SG1100.

I am running pfsense+ version 23.09…

As ever Tom has been a great help via YT. I have been using this episode as my guide.

Within the setting up of PIA in pfsense there appears a major difference in authenticating PIA within >> VPN>> clients>> add>> configuration page.

When Tom authenticates in the you tube video it simply a drop down box and he selects “PIA”.

This option is not there and PFsense asks for “peer certificate authority”.

It then gives them the option of going to system> certificate manager in order to do so.

My question is how do I do this and what are the correct criteria that PIA will understand?

I had a go and failed because when I ran OpenVPN status I had a TLS error…

I really hope this makes sense.

Regs

Rupert

neogrid · December 14, 2023, 4:49pm

You create your own Certificate Authority under System >>Certificate >> Authorities.
You can get the cert data to paste into the CA when you generate your client certs from your VPN provider. Or at least that’s how I did it when using AirVPN, must be similar for PIA.

Paul · December 14, 2023, 5:17pm

Watch from 4:30, you need to download the certificate from PIA , then install it within PFSense

PIA instructions PIA Support Portal

DIY · December 15, 2023, 5:55pm

Thanks one and all…

Managed to get this sorted and PIA is now fully functional…

Have a great w.e.

Rupert