As I republish some old content, I’m updating some of it. This article was originally posted in 2012, but I’m updating in 2026.
I’ve used a static site generator for some time. Since I tend to prefer python, I’ve been using Nikola. I liked it because of the simplicity, but the options for themes are not to my liking. Since CSS is not my forte, to put it mildly, I’m switching to Jekyll. It has lots of theme options, and is presenting some interesting new challenges.
FreeNAS 11 was recently released , so I’m going to continue my series on running OpenVPN servers from FreeNAS jails. In theory these instructions could be followed on any old FreeBSD 11 jail, but FreeNAS provides a friendly UI, so why not use it?
A while back, I wrote a post about building an OpenVPN server inside a FreeNAS jail for a friend who has a small FreeNAS device, but doesn’t have a firewall that will let him run an OpenVPN server directly. Much to my surprise, this article seems to have gotten some traction, so I’m posting an update to it (leaving the old one in place for posterity’s sake).
You know how when you use your debit card at an ATM or at a point of sale, you have to provide your PIN before your transaction can be completed? It makes perfect sense, right? With out the PIN, anyone who find yours debit card would be able to use it as if they were you. No good. Who wants that?
Ten years ago, I was very much into IPv6. I had two different tunnels, and all of my home network had v6 IP addresses — all statically assigned, with working reverse DNS. Even the Windows XP machines. Then I got lazy. I swapped out my hand-crafted OpenBSD router for an off-the-shelf wireless router. That old homemade router was old enough that I couldn’t put a Wifi card in it, and I just wanted some wifi.
Before I get too far into this, I need to issue a disclaimer. OPNSense is a product that is under development, so sometimes things move around pretty quickly. I’m currently on OPNSense 15.7.4-amd64 that is running on a FreeBSD 10.1-RELEASE-p14 base with OpenSSL 1.0.2d 9 Jul 2015 doing the SSL work. I would suspect, but cannot guarantee, that what you are about to read below will work for any OPNSense 15.7 version.
I recently converted my home firewall from pfSense to OPNSense. The reasons for the change are pretty much all outlined in the reasons why OPNSense forked. Those are some pretty solid reasons, in my opinion.
Update 6/18/2016: There is a new version of this post. If you are using EasyRSA version 3, then you should use the new tutorial. If you are still on version 2, then this tutorial is probably the one you want.
One of the great things about FreeBSD is its long-standing support for jails. A jail is a way to run a process or set of processes in an environment that is isolated from the host system. Processes created inside a jail cannot access files outside of that jail.
