Adding OpenVPN Remote Access Users

Adding users to the VPN using Local Database as OpenVPN server authentication method and backend See also

OpenVPN authenticates local database users based on their entries in the user manager.

To create a new user with a certificate, follow these steps:

• Navigate to System > User Manager

• Click ![fa-plus] To add a user

• Fill in the settings as follows:

  Username

  The username for this client.

  Password/Confirm password

  The password for this client.

  Full Name

  An optional longer name for this user.

  Click to create a user certificate

  Checked

  Descriptive Name

  Same value as the Username

  Certificate Authority

  The CA used by the OpenVPN server.

  Key Type

  The type of private key to use for this certificate, either RSA or ECDSA and its accompanying Key Length (RSA) or Curve (ECDSA). The default is an acceptable choice.

  Lifetime

  The number of days for which the certificate is valid. The default of 3650 (approximately 10 years) is acceptable for a user certificate.

  ![../_images/openvpn_ra-usercert.png]

• Click Save

To view or change the user:

• Navigate to System > User Manager

• Click ![fa-pencil] next to the row containing the user to see/edit

To export a user certificate and key:

https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-ra-users.html