Return to Level1Techs.com

[solved] OpenVPN Server and PIA Client on single PFSense router


#21

Also, the two bottom lan rules do nothing (the allow any with wan gateway and allow any with default gateway) because the rule above that will catch everything.


#22

Here are is my Outbound NAT. 192.168.1.0/24 is my local network, 192.168.2.0/24 is my VPN server tunnel network.

Regarding the LAN rules, did you mean the bottom 2 including the IPv6 one at the very bottom? I had that one disabled already, so I think you mean that just the allow any with WAN gateway doesn’t do anything, correct? My thought process for having that rule was because it was my understanding that the rule above that (LAN network out the PIA VPN gateway) is to force any devices that aren’t part of WAN_redirect_group or the force_VPN_group to go out the PIA VPN. However, if the PIA VPN is down for some reason, I want those devices to still work, so I thought that last rule would allow them to go out the WAN gateway.


#23

If the VPN goes down and you don’t have gateway redirect (can’t remember what it’s called, it changes the gateway if it goes down) enabled then you just don’t have internet access. Didn’t see the bottom one being ipv6 though.

Anyway, everything seems to be okay so I’m not sure why your VPN isn’t sending your traffic out through the PIA gateway. How are you testing it?


#24

I’m just going to sites that show my IP address and it’s showing the IP of the ISP I’m using. I would expect to see the IP from PIA.


#25

I can’t see anything wrong so I’m really no sure what’s going on. Have you tried restarting it?


#26

Thanks for all your help. I did a restart of the router and it still doesn’t send the data down the VPN when I remote in. It’s not the biggest deal because I mostly wanted remote access and no dns leaks which I have now. Just bugs me that I’m not sure what is wrong with the setup. Maybe I’ll go back to default setup and try it all again from scratch. Any other suggestions?


#27

I have a suggestion, @jdubbs23 you might want to contact Pfsense’s community for your problem if @Dexter_Kane can’t figure out what is wrong then its time to ask the software developers why Pfsense isn’t working as expected.


#28

Thank you @Shadowbane, I will reach out to pfSense community.


#29

I forgot to mention the Pfsense community is kind of like the Reddit community, they don’t like noobs, so you might have to have a lot of patients with whoever answers your question, especially if you haven’t purchased their pfSense Gold Subscription, at least that is what I have heard. The only experience I have had with Pfsense was once installing and trying to run it in a virtual machine, which didn’t go so well.


#30

The only feedback so far is that I need an OpenVPN to PIA rule in NAT. Any thoughts on this or how exactly it should look?


#31

You already have those rules


#32

Thank you, after a couple of hours are trying 101 different things to get my system to work, I stumbled across this post and this little line did the trick

Disabling the “pull routes” in the PIA Client

Big thank you