VyprVPN OpenVPN Setup for OpnSense/pfSense
Please note: We offer limited support for this configuration due to many variables that can cause connection or performance issues. We cannot guarantee VyprVPN's performance or functionality on your router.
Use the instructions below to configure an OpenVPN connection on your OpnSense or pfSense router:
- Download the VyprVPN Certificate
- System --> Trust --> Authorities --> Import VyprVPN CA Cert (copy & paste it in from a text editor), name it VyprVPN
- VPN --> OpenVPN --> Clients --> Add (with following settings)
- Server Mode: Peer to Peer (SSL/TLS)
- Protocol: UDP
- Device Mode: tun
- Interface: WAN
- Local port: (blank/empty)
- Server host or address: use the server address of your preferred location found here
- Server port: 443
- Proxy host or address: (blank/empty)
- Proxy port: (blank/empty)
- Proxy authentication extra options: none
- Server host name resolution: (unchecked)
- Description: VyprVPN
- User name/pass: Username: (your email address)
- Password: (your password)
- Cryptographic Settings
- TLS Authentication: (unchecked)
- Peer Certificate Authority: VyprVPN (see above, Import CA)
- Client Certificate: None (Username and Password Required)
Encryption algorithm: AES-266-CBC (256 bit key, 128 bit block)
Auth Digest Algorithm: SHA256 (256-bit)
Hardware Crypt: (use it if you have it, e.g. Intel RDRAND engine - RAND)
- Tunnel Settings (all blank or unchecked except)
- Compression: Enable with Adaptive Compression
- Advanced (add these to advanced, replace "server.address" with the server address used in step 9):
resolv-retry infinite keepalive 10 60 persist-key persist-tun persist-remote-ip verify-x509-name server.address name verb 3 tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA redirect-gateway autolocal
(Check the logs to validate the server address above to match the certificate and server you are connecting to)
- Verbosity Level: 3 (Recommended)
Start your client and look at the logs. You should get a successful startup, but you are not done yet:
openvpn[49494]: Initialization Sequence Completed
- Firewall --> NAT --> Outbound --> Set to Hybrid
- Add a manual rule
- Interface: OpenVPN, leave the rest as defaults and save
- Check our IP address checker pageto verify that you are successfully connected.
If you need any further assistance, please contact our 24/7 Customer Success Team, who would be glad to assist.