other:networking:opnsense:site-to-site
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| other:networking:opnsense:site-to-site [2021/03/08 01:41] – rodolico | other:networking:opnsense:site-to-site [2023/09/27 08:19] (current) – rodolico | ||
|---|---|---|---|
| Line 48: | Line 48: | ||
| - one CA (you can use an existing one) **Note: with v21.1.2, it appears you have to create a separate one** | - one CA (you can use an existing one) **Note: with v21.1.2, it appears you have to create a separate one** | ||
| - System | Trust | Authorities | Add or import CA | - System | Trust | Authorities | Add or import CA | ||
| + | - Descriptive Name: You can enter anything here, with spaces. This will be what you will select/ | ||
| - **Method:** Create an internal Certificate Authority | - **Method:** Create an internal Certificate Authority | ||
| - | - Fill in the rest of the form. | + | - Fill in the rest of the form down to Common Name. I generally change the Lifetime depending on the application. |
| - **Common Name:** No spaces, but use something you can recognize like " | - **Common Name:** No spaces, but use something you can recognize like " | ||
| - Save | - Save | ||
| Line 55: | Line 56: | ||
| - one Server Certificate | - one Server Certificate | ||
| - System | Trust | Certificates | Add or import certificate | - System | Trust | Certificates | Add or import certificate | ||
| + | - Descriptive Name: You can enter anything here, with spaces. This will be what you will select/ | ||
| - **Method:** Create an internal Certificate | - **Method:** Create an internal Certificate | ||
| - **Certificate Authority: | - **Certificate Authority: | ||
| - **Type:** Server Certificate | - **Type:** Server Certificate | ||
| - | - Fill in the rest of the form | + | - Fill in the rest of the form down to Common Name. I generally change the Lifetime depending on the application. |
| - **Common Name:** again, use something descriptive with no spaces | - **Common Name:** again, use something descriptive with no spaces | ||
| - Save | - Save | ||
| - **Do not export this certificate** | - **Do not export this certificate** | ||
| - | - one User Certificate for each remote (client) site | + | - one Client |
| - System | Trust | Certificates | Add or import certificate | - System | Trust | Certificates | Add or import certificate | ||
| + | - Descriptive Name: You can enter anything here, with spaces. This will be what you will select/ | ||
| - **Method:** Create an internal Certificate | - **Method:** Create an internal Certificate | ||
| - **Certificate Authority: | - **Certificate Authority: | ||
| - **Type:** Client Certificate | - **Type:** Client Certificate | ||
| - | - Fill in the rest of the form | + | - Fill in the rest of the form down to Common Name. I generally change the Lifetime depending on the application. |
| - **Common Name:** again, use something descriptive with no spaces. You should really use the target (client) name or something in this. | - **Common Name:** again, use something descriptive with no spaces. You should really use the target (client) name or something in this. | ||
| - Save | - Save | ||
| Line 73: | Line 76: | ||
| - Export the client key created | - Export the client key created | ||
| - Create OpenVPN Server | - Create OpenVPN Server | ||
| + | - VPN | OpenVPN | Servers | Add (or Use a Wizard) | ||
| - **Server Mode:** Peer to Peer (SSL/TLS) | - **Server Mode:** Peer to Peer (SSL/TLS) | ||
| - **Protocol: | - **Protocol: | ||
other/networking/opnsense/site-to-site.1615189278.txt.gz · Last modified: 2021/03/08 01:41 by rodolico