Home

Awesome

macos-openvpn-server

macOS OpenVPN Server and Client Configuration

This repo describes how to build an OpenVPN VPN server on macOS using pfctl and Tunnelblick.

This configuration provides a TLS-based VPN server using EC ed25519 certificates and UDP port 443, accessible by any OpenVPN client, especially iOS with the OpenVPN app.

OpenVPN iPad

Installation and Configuration Notes

net.inet.ip.forwarding=1
net.inet6.ip6.forwarding=1

This is known to work for macOS 11+. See previous versions of this repo for a launchctl-based approach

VPN Configuration Advantages

This OpenVPN configuration provides the following advantages:

Tunnelblick Configuration

Configure Tunnelblick settings so that the server connection persists over macOS Fast User Switching. Failure to do this is observed to cause routing problems beyond OpenVPN server accessibility. Use the recommended standard and advanced settings:

Tunnelblick SettingsAdvanced…
Tunnelblick SettingsTunnelblick Advanced Settings