Anyone had luck using pfsense vpn client to connect to HTB?

Off-topic
1

Did anyone had luck using openvpn client that is on pfSense to connect to HTB?
If yes, Please write tutorial or something like that.

2

At this point I am guessing you figured it out or gave up but for anyone else I can help. Going to give general steps, feel free to message for details.

  1. Get the UDP version of the OpenVPN config file from HTB
  2. In pfSense download “openvpn-client-import”
  3. Use the importer and import the HTB OpenVPN config file.
  4. After importing the config file most of the settings will be correct except for the Custom Options under Advanced Configuration.
    4a. Add “;” to the end of each line and add the lines below (without the bullet).
  • comp-lzo no;
  • tls-cipher “DEFAULT:@SECLEVEL=0”;
  • persist-key;
  • persist-tun;
  • remote-cert-tls server;
  1. Routing is automatic along with the firewall rules.
  2. Add the interface, under Interface Assignments click +Add and select the network port created by OpenVPN. Don’t forget to save.
  3. At this point you should be connected, you can view status under Status>OpenVPN, take note of Virtual Address for next step.
  4. If you need the HTB Host to connect back to your network (for example in a reverse shell) you can add a Port Forward with the following settings
  • Interface: <the VPN interface>
  • Protocol: ANY
  • Source Address/Source Ports/Dest. Ports/NAT Ports: *
  • Dest. Address: <the Virtual Address from step 7>
  • NAT IP: <the IP of your Host>

On another note if you are using WSL2 so you can use both Linux and Windows for the labs you need to change the interface settings for WSL2.

  1. Close WSL2 <wsl --shutdown> in powershell
  2. Open Hyper-V Manager as an admin (I think you can do this also with VMware’s Virtual Network Manager if you don’t have Windows Pro)
  3. Open Virtual Switch Manager
  4. Under the WSL’s Virtual network switch change the connection type to “External Network”
  5. After you load back into WSL you need to run <sudo dhclient -r> then to get an IP from DHCP.

I bring this up only because this is what drove me to use the router as the VPN client, so I could use both Windows and Linux at the same time for labs.

-JohnOrion