How can I Set up and Use ExpressVPN on pfSense
- Updated: June 1, 2023
- 0 User Reviews
- Gerald Hunt
You can set up and use ExpressVPN on pfSense through OpenVPN connect protocols. Follow our easy step-by-step guide and you’ll be good to go in no time.
Setting up ExpressVPN on your pfSense router is only challenging if you’ve never done something like this before.
ExpressVPN is one top VPN that conquers all geo-restrictions and offers the privacy you could only imagine being offered. Learn more about this VPN and all the features that it offers through our ExpressVPN review.
How to Set up ExpressVPN on pfSense
You can set up ExpressVPN on pfSense using OpenVPN by following the steps below. This guide uses a 192.168.1.0/24 setup network.
1. Configure your pfSense router. After that, sign in to your ExpressVPN account to download a VPN configuration file. Choose Set up other devices > Manual Configuration.
2. Choose OpenVPN from the right side of your screen. Your username, password, and several OpenVPN configuration files will be displayed on your screen. Note your credentials down from there.
3. Choose the OpenVPN configuration file of your preferred location and download it.
4. Open a new browser and sign in to your pfSense router.
5. Go to Systems, then Cert. Manager, then CAs. Click Add. Insert the following details and save them:
- Descriptive name: ExpressVPN
- Method: Import an existing CA
Certificate data: Using any text editor, click on the downloaded OpenVPN configuration file in step 6. Once you’re done, you will find the text wrapped within the <ca> portion of the file. Copy the entire thread from —–BEGIN CERTIFICATE—– to —–END CERTIFICATE—– and paste it in this section.
- Certificate Private Key (optional): Leave it empty
- Serial for next certificate: Leave it empty
7. Choose Certificates on the Cert. Manager page. Click Add after this. Then, add a new certificate. Press Save after entering the following details:
- Method: Import an existing Certificate for this.
- Descriptive name: ExpressVPN Cert (or any name you desire)
- Certificate data: Click open the OpenVPN configuration file as in step 5. Then, you will find the text wrapped within the <cert> part of the file. Copy the thread from —–BEGIN CERTIFICATE—– to —–END CERTIFICATE—– and paste the entire thread here.
- Private vital data: Still on the text editor, you will find the text wrapped within the <key> segment of the file. Copy the entire thread from —–BEGIN RSA PRIVATE KEY—– to —-END RSA PRIVATE KEY—- and paste it here.
8. Press VPN on the top of your screen. After that, click OpenVPN, then Client. Select Add from the bottom of your screen and click Save after entering the following details:
- General Information:
- Disabled: Don’t tick.
- Server mode: Peer to Peer (SSL/TLS)
- Protocol: UDP
- Device mode: tun
- Interface: WAN
- Local port: Leave it empty
- Server host or address: Just like step 5, open the OpenVPN configuration file. You will find the text that starts with remote and then a server name. Please copy the server name thread in this section.
- Server port: From the OpenVPN configuration file, copy and paste the port number here.
- Proxy host or address: Leave it empty
- Proxy port: Leave it empty
- Proxy Auth. – Extra Options: none
- Server hostname resolution: Check it.
- Description: Use any name you want to keep
- User Authentication Settings
- Username: the username of your ExpressVPN account
- Password: the username of your ExpressVPN password
- Cryptographic Settings
- TLS authentication: Check it
- Key: Like in step 5, open the downloaded OpenVPN configuration file. You will find the text wrapped within the <tls-auth> segment of the file. Ignore the “2048-bit OpenVPN static key” entries and start copying the thread from —–BEGIN OpenVPN Static key V1—– to —–END OpenVPN Static key V1—–
- Peer Certificate Authority: In step 5 above, choose the “ExpressVPN” entry that you created.
- Client Certificate: Choose the “ExpressVPN Cert” entry that you created in step 6 above.
- Encryption Algorithm: Like in step 5, open the downloaded OpenVPN configuration file. You will find the text cipher. Select it.
- Auth digest algorithm: Just like step 5, open the downloaded OpenVPN configuration file. You will find the text auth followed by the algorithm after. Select it.
- Hardware Crypto: Leave this section at No Hardware Crypto Acceleration unless you know that your pfSense supports hardware cryptography.
Insert the data below if you’re using a pfSense 2.4:
- Untick Automatically generate a TLS Key
- Set the Usage Mode to TLS Authentication
- Untick Enable Negotiable Cryptographic Parameters
- Please ignore the NCP Algorithms section
- IPv4 Tunnel Network: Leave it empty
- IPv6 Tunnel Network: Leave it empty
- IPv4 Remote network(s): Leave it empty
- IPv6 Remote network(s): Leave it empty
- Limit outgoing bandwidth: Input limit at your discretion (leave the section empty for no limit)
- Compression: Enabled with Adaptive Compression
- Topology: Leave the default “Subnet — One IP address per client in a common subnet.”
- Type-of-Service: Don’t tick
- Disable IPv6: Tick the box. Note that this box will be absent if you’re using a pfSense 2.4.
- Don’t pull routes: Tick.
- Don’t add/remove routes: Don’t tick.
If you’re using a pfSense 2.4, you’ll need to set Compressing to Adaptive LZO Compression.
- Custom Options: Copy and paste the following thread:
- fast-io;persist-key;persist-tun;remote-random;pull;comp-lzo;tls-client;verify-x509-name Server name-prefix;remote-cert-tls server;key-direction 1;route-method exe;route-delay 2;tun-mtu 1500;fragment 1300;mssfix 1450;verb 3;sndbuf 524288;rcvbuf 524288
- Verbosity level: 3 (recommended)
Enter the data below if you’re using a pfSense 2.4:
- UDP FAST I/O: Check it.
- Send/Receive Buffer: 512 KB
- Gateway creation: IPv4 only
9. Go to Status > OpenVPN.
These are all the steps to configure ExpressVPN on pfSense router.
Why should I use ExpressVPN?
- 3,000+ Servers in 94 Countries
- Hard disk free infrastructure (RAM only)
- 256-bit Military-Grade Encryption
- Excellent unblocking capability for Netflix, Hulu & more
- 5 Multi Logins
- Zero-knowledge DNS
ExpressVPN maintains user privacy and security like no other VPN. This VPN takes even minor problems into account and solves them with its features.
Take the example of ExpressVPN’s kill switch, which disconnects the user from its wi-fi connection if the VPN connection drops. ExpressVPN also prevents DNS leaks when used on pfSense.
You can use this VPN easily on most devices you own. Even if you want to use ExpressVPN with Fire Stick, you can.
You can also use ExpressVPN with the following devices:
You can enjoy a speedy connection using its servers. Our ExpressVPN speed tests confirmed that this VPN offers an average speed of over 80 Mbps on a 100 Mbps connection on its servers.
This service is also torrent-friendly. You can use ExpressVPN’s P2P-optimized servers anytime you like.
When we talk about geo-restrictions, this VPN can unblock almost anything in a blink of an eye. It’s that quick and easy. Stream services like Disney Plus with ExpressVPN and enjoy content from all over the world.
You can also use ExpressVPN to stream anything you like:
If it doesn’t work or results in some error, go through our ExpressVPN not working guide.
ExpressVPN is one fantastic service to subscribe to for the rest of your life. But, unfortunately, ExpressVPN has discontinued its lifetime plan. Instead, you can subscribe to any other plan that this VPN provider offers.
It’s normal to be hesitant about a service you haven’t used before. Just go for ExpressVPN’s free trial if that’s the case. You can also cancel your ExpressVPN subscription easily, so don’t worry too much about this.
Why is my ExpressVPN not working?
The most likely cause of your ExpressVPN app not working must be server overload, a bad internet connection, or an outdated app.
This is how you can solve them:
1. Switch your server:
Your ExpressVPN might stop working if there’s a server overload. Try switching your server for a faster connection. If this method works, then this will solve your issue immediately.
2. Update your ExpressVPN app:
Connection errors are also faced when the app is outdated. Try updating your application and then run it. Keep your app up-to-date to receive efficient service.
This ends the article on ExpressVPN on your pfSense router. You can use this step-by-step guide to configure ExpressVPN on pfSense, after which, you can bump ExpressVPN 5 simultaneous connection limited to unlimited devices. If you wish to set up ExpressVPN on some other router, check out our ExpressVPN router setup guide.