other:networking:opnsense:site-to-site
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
other:networking:opnsense:site-to-site [2021/03/08 01:41] – rodolico | other:networking:opnsense:site-to-site [2023/09/27 08:19] (current) – rodolico | ||
---|---|---|---|
Line 48: | Line 48: | ||
- one CA (you can use an existing one) **Note: with v21.1.2, it appears you have to create a separate one** | - one CA (you can use an existing one) **Note: with v21.1.2, it appears you have to create a separate one** | ||
- System | Trust | Authorities | Add or import CA | - System | Trust | Authorities | Add or import CA | ||
+ | - Descriptive Name: You can enter anything here, with spaces. This will be what you will select/ | ||
- **Method:** Create an internal Certificate Authority | - **Method:** Create an internal Certificate Authority | ||
- | - Fill in the rest of the form. | + | - Fill in the rest of the form down to Common Name. I generally change the Lifetime depending on the application. |
- **Common Name:** No spaces, but use something you can recognize like " | - **Common Name:** No spaces, but use something you can recognize like " | ||
- Save | - Save | ||
Line 55: | Line 56: | ||
- one Server Certificate | - one Server Certificate | ||
- System | Trust | Certificates | Add or import certificate | - System | Trust | Certificates | Add or import certificate | ||
+ | - Descriptive Name: You can enter anything here, with spaces. This will be what you will select/ | ||
- **Method:** Create an internal Certificate | - **Method:** Create an internal Certificate | ||
- **Certificate Authority: | - **Certificate Authority: | ||
- **Type:** Server Certificate | - **Type:** Server Certificate | ||
- | - Fill in the rest of the form | + | - Fill in the rest of the form down to Common Name. I generally change the Lifetime depending on the application. |
- **Common Name:** again, use something descriptive with no spaces | - **Common Name:** again, use something descriptive with no spaces | ||
- Save | - Save | ||
- **Do not export this certificate** | - **Do not export this certificate** | ||
- | - one User Certificate for each remote (client) site | + | - one Client |
- System | Trust | Certificates | Add or import certificate | - System | Trust | Certificates | Add or import certificate | ||
+ | - Descriptive Name: You can enter anything here, with spaces. This will be what you will select/ | ||
- **Method:** Create an internal Certificate | - **Method:** Create an internal Certificate | ||
- **Certificate Authority: | - **Certificate Authority: | ||
- **Type:** Client Certificate | - **Type:** Client Certificate | ||
- | - Fill in the rest of the form | + | - Fill in the rest of the form down to Common Name. I generally change the Lifetime depending on the application. |
- **Common Name:** again, use something descriptive with no spaces. You should really use the target (client) name or something in this. | - **Common Name:** again, use something descriptive with no spaces. You should really use the target (client) name or something in this. | ||
- Save | - Save | ||
Line 73: | Line 76: | ||
- Export the client key created | - Export the client key created | ||
- Create OpenVPN Server | - Create OpenVPN Server | ||
+ | - VPN | OpenVPN | Servers | Add (or Use a Wizard) | ||
- **Server Mode:** Peer to Peer (SSL/TLS) | - **Server Mode:** Peer to Peer (SSL/TLS) | ||
- **Protocol: | - **Protocol: |
other/networking/opnsense/site-to-site.1615189278.txt.gz · Last modified: 2021/03/08 01:41 by rodolico