OpenVPN - Create a new user

To follow this procedure you need administrative access to the OPNSense firewall.

Create user

•  Navigate to:
  • System -> Access -> User
• Click on the + (Add) button

This will open a form where you can configure the new user.

Configure User Details

Fill in the required fields:

• Username
• Password
• (Optional) Description or additional details

These credentials will be used by the user to connect to the VPN.

It's fundamental to add the user to the vpn_users group under Group membership.
Without this step, the user will not be able to access the VPN.

Create / Assign User Certificate

To allow OpenVPN authentication, a certificate must be associated with the user.

• Navigate to:
  • Trust -> Certificates section
  • Click “+ Add”

Fill in the fields:

• Description: name.surname
• Issuer: select your CA (e.g. OpenVPN-auth)
• Lifetime: 18262
• Common name: name.surname

Save the certificate.

Export OpenVPN Configuration

After creating the user you can now generate the client configuration file.

• Go to:
  VPN → OpenVPN → Client Export

You will see the list of users where you can download the configuration, it will download a .ovpn file.

Install and Configure OpenVPN Client

On the user’s device:

1. Install the OpenVPN client
   (Windows / macOS / Linux / Mobile)
2. Import the .ovpn file
3. Enter:
   • Username
   • Password