One way that you can set up an OpenVPN server is with pfSense's server configuration wizard, which you can find by clicking on the Wizards tab. The only option on the first page is the Type of Server drop-down box. It allows you to choose between Local User Access (authentication through certificates), LDAP (authentication through Lightweight Directory Access Protocol), or RADIUS (authentication through a Remote Authentication Dial-In User Service server).

Whichever setting you choose for Type of Server determines what the next page of the wizard contains. If you select Local User Access, you will have to enter certificate and certificate authority information; if you select LDAP, you will have to provide information about the LDAP server; and if you choose RADIUS, you will have to provide information about the RADIUS server. After that, you will be directed to the Server Setup screen, where you can enter information about the OpenVPN server. This is similar to the OpenVPN server configuration page that we covered earlier in this section, with some notable exceptions. The Inter-Client Communication option, if enabled, allows for communication between different clients connected to the server. If Duplicate Connections is enabled, multiple concurrent connections using the same common name will be allowed.

For more examples of options not available on the server configuration page, scroll down to Client Settings. Dynamic IP, if enabled, will allow connected clients to retain their connections, even if their IP address changes. The Topology drop-down menu allows you to select a method used to supply virtual IP addresses to clients when using IPv4 TUN mode. You can choose Subnet – One IP address per client in a common subnet (the default) or net30 – Isolated /30 network per client, giving each client two IP addresses. This option may be necessary for older clients (before version 2.0.9 of OpenVPN).

The next step of the wizard covers configuration of the necessary firewall rules. You will need, at a minimum, a rule to permit connections on the OpenVPN port, and another rule to allow traffic to pass inside the VPN tunnel. This page allows you to easily create either or both rules, by just checking the appropriate checkboxes. When you are done, click on Next. You should see a message acknowledging that configuration is complete. When you do, click on Finish.