Setup FastestVPN on pfSense


Step #1: Access pfSense via web browser and go to “System” and then click “Cert. Manager”.

Fastest VPN for pfSense


Step #2: Click on “CAs” and click “+Add” button.

Fastest VPN for pfSense


Step #3: Fill out the required fields as below

  • Descriptive name: FastestVPN_OVPN_CA
  • Method: Import an existing Certificate Authority
  • Certificate data: Download the certificate text file from here. Open it and copy the text between <ca> </ca> tags. Paste that text into “Certificate Data” field.
    Image of certificate text is given below for your reference.Now click on “Save

Fastest VPN for pfSense

Fastest VPN for pfSense


 You will see that a connection is created. (not connected currently).

Fastest VPN for pfSense


Step #4: Go to “VPN” select “OpenVPN“. Now click on “Clients” and then press “+Add” button

Fastest VPN for pfSense

Fastest VPN for pfSense


Step #5: Select/ write as instructed below:

  • Server mode: Peer to Peer (SSL/TLS)
  • Protocol: TCP on IPv4 only (or you can also select UDP)
  • Device mode: TUN – Layer 3 Tunnel Mode
  • Interface: WAN
  • Server host or address: FastestVPN TCP server address if you selected TCP in “Protocol” option above. If you selected UDP, then enter a UDP server address.

Here as an example I entered Australia-TCP server address which is au-sd-ovtcp-01.jumptoserver.com

Complete list of server addresses is available here. Make sure to enter correct address for TCP and UDP.

  • Server port: 4443
  • Description: FastestVPN (or any name as per your choice)

Fastest VPN for pfSense


Step #6: In “User Authentication Settings” section, enter your FastestVPN User name and password.

Fastest VPN for pfSense


Step #7: In “Cryptographic Settings” section, do the following.

    • Put a check mark on “:Use a TLS key
    • Uncheck “Automatically generate a shared TLS authentication key
    • Enter TLS key : TLS Key is the text between <tls-auth> </tls-auth> tags in the certificate data file which you’ve already downloaded in step 3.

Image of TLS Key for your reference is given below.

Fastest VPN for pfSense

  • TLS Key Usage mode: TLS Authentication
  • Peer Certificate Authority: FastestVPN_OVPN_CA
  • Client Certificate: None (username and/or password required)
  • Encryption Algorithm: AES-256-CBC (256-bit key, 128 bit block)

Fastest VPN for pfSense


Step #8: Uncheck “Enable Negotiable Cryptographic Parameters
Select “SHA (256 bit)” in Authentication digest Algorithm.
Select “No Hardware Crypto Acceleration” in Hardware Crypto

Fastest VPN for pfSense


Step #9: Do the following.

  • Compression: LZO Compression
  • Topology: Subnet – One IP address per client in a common subnet
  • Don’t Pull routes: Uncheck “Bars the servers from adding route to the client’s routing table
  • Don’t add/ remove routes: Uncheck “Don’t add/ remove routes automatically”

Fastest VPN for pfSense


Step #10: In “Advanced configurations” section do the following:

    • Custom options: Type following text.
      auth-nocache
      tls-client
      keepalive 10 60
      ping-timer-rem

 

    • Send Receive Buffer: 512 Kib
    • Click on “Save”

 

Fastest VPN for pfSense

A connection will be created as in the below image.

Fastest VPN for pfSense


Step #11: Go to “Status” and press “OpenVPN”. There you will see the FastestVPN connection Status as “up”.”

Fastest VPN for pfSense

Fastest VPN for pfSense


Step #12: Go to “Interfaces” and select “Assignments

Fastest VPN for pfSense


Step #13: Do the following.

    • Enable: Check “Enable interface”
    • Description:FastestVPN
    • IPv4 Connection Type: DHCP
    • IPv6 Configuration Type: None

 

  • Keep saving all settings.

Fastest VPN for pfSense


Step #14: Go to “Services” and select “DNS Resolver

Fastest VPN for pfSense


Step #15: In “General Settings”, follow this:

  • Enable: Check “Enable DNS Resolver”
  • Listen Port: 53
  • Network Interface: All
  • Ongoing Network Interface: FastestVPN
  • System Domain Local Zone Type: Transparent
  • DNSSEC: Check “Enable DNSSEC support”
  • DNS Query Forwarding:Check “Enable Forwarding Mode”
  • DHCP Registration: Check “Register DHCP static mapping in the DNS resolver”
  • Static DHCP: Check “Register DHCP Static mapping in the DNS resolver”
  • Click on “Save

Fastest VPN for pfSense


Step #16: Go to “Advance Settings” and follow this.

    • Hide Identity: Check “id.server and hostname.bind queries are refused”
    • Hide Version: Check “version.server and version.bind queries are refused”
    • Prefetch Support: Check “Message cache elements are prefetched.
    • Prefetch DNS Key Support: Check “DNSKEYs are fetched earlier in the validation process”
    • Harden DNSSEC Data: Check “DNSSEC data is required for trust-anchored zones”

 

  • Keep saving all the settings.

Fastest VPN for pfSense


Step #17: Now go to “Firewall” and open “NAT”.

Fastest VPN for pfSense


Step #18: In “Outbound”, select “Manual Outbound NAT rule generation (AON-Advanced Outbound NAT) and then click on “Save

Fastest VPN for pfSense


Step #19: In Firewall> NAT > Outbound > Edit, follow these steps.

    • Disabled: Uncheck “Disable this rule”
    • Do not NAT : Uncheck “Enabling this option will disable NAT for traffic matching this rule”
    • Interface: FastestVPN
    • Protocol: any
    • Source: Network       192.168.1.0       24
    • Destination: any
    • Address: Interface address

 

  • Save all the settings

Fastest VPN for pfSense


You will see following screen.

Fastest VPN for pfSense


Step #20: Goto Firewall > Rules

Fastest VPN for pfSense


Step #21: Go to “LAN”, check 0/ 0 B and click on “Delete”

Fastest VPN for pfSense


Step #22: Now check on 0/ 118 KiB and press pencil sign to edit.

Fastest VPN for pfSense


Step #23: Follow this:

  • Action: Pass
  • Disabled: Uncheck “Disable this rule”
  • Interface: LAN
  • Address Family: IPv4
  • Protocol: Any
  • Source: LAN net
  • Destination: any
  • Description: Default allow LAN to any rule – Edit – Gateway changed to FastestVPN
  • Advance Option: View Advance settings

Fastest VPN for pfSense


Step #24: In “Gateway”, Select “FastestVPN_DHCP_Interface FastestVPN_DHCP Gateway“. Save all settings

Fastest VPN for pfSense

Fastest VPN for pfSense


Step #25: Go to System> General Setup

Fastest VPN for pfSense


Step #26: In DNS Server settings section , set DNS server as “10.8.8.8 and select “FastestVPN_DHCP-opt1-
Check “Allow DNS server list to be overridden by DHCP/ PPP on WAN. Save settings.

Fastest VPN for pfSense