I’m trying to install PFSense 2.4.2 in a VirtualBox guest machine on a Windows 10 host machine with some out-of-date guides (e.g. this one) (doing it to make a proper VPN + kill switch + firewall / snort).
I have a physical card configured as em1 (LAN), and a Microsoft Loopback Adapter configured as em0 (WAN).
On the PFSense web GUI my WAN Interface status is:
Status: up
MAC Address: xxxxx - my mac from my physical card
IPv4 Address: 10.0.0.1 - the default gateway and DHCP server from the internet connection plugged into my PC
Subnet mask IPv4: 255.255.255.0 - correct
IPv6 Link Local: fe80::a00:27ff:fef6:12aa%em0 - not sure why I have this here, I did my best to disable all IPV6 things.
DNS servers:
  127.0.0.1 - I guess this is the default PFSense DNS server?
  208.67.220.220 - opendns
  xxxxx - dns from my vpn
  xxxxx - dns from my vpn
  208.68.222.222 - opendns
MTU: 1500
Media: 1000baseT
In/out packets: 0/0 (0 B/0 B)
In/out packets (pass): 0/0 (0 B/0 B)
In/out packets (block): 17/5 (4 KiB/416 B)
In/out errors: 0/0
Collisions: 0
My LAN status is:
Status: up
MAC Address: 08:00:27:4e:b3:62
IPv4 Address: 192.168.1.1
Subnet mask IPv4: 255.255.255.0
IPv6 Link Local: fe80::a00:27ff:fe4e:b362%em1
MTU: 1500
Media: 1000baseT
In/out packets: 1561/2576 (182 KiB/2.90 MiB)
In/out packets (pass): 1561/2576 (182 KiB/2.90 MiB)
In/out packets (block): 0/4 (0 B/340 B)
In/out errors: 0/0
Collisions: 0
With this my Internet Connection in Windows (my host), through the Loopback Adapter, has No Internet Access. All I can access is 192.168.1.1 in the browser.
I entered my VPN’s data as OpenVPN (followed guide), and that kinda works. When I gave the “Server host or address” a domain name instead of an IP address it complained / failed, but with an IP and the right cryptography settings it “works”: the Client Instance Statistics for OpenVPN show the Service is running (but not connected). Status says this:
Feb 21 00:14:52 openvpn 6449 WARNING: file '/var/etc/openvpn/client1.up' is group or others accessible
Feb 21 00:14:52 openvpn 6449 OpenVPN 2.4.4 amd64-portbld-freebsd11.1 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Nov 16 2017
Feb 21 00:14:52 openvpn 6449 library versions: OpenSSL 1.0.2m-freebsd 2 Nov 2017, LZO 2.10
Feb 21 00:14:52 openvpn 6664 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Feb 21 00:14:52 openvpn 6664 TCP/UDP: Preserving recently used remote address: [AF_INET]xxx.xxx.xxx.xxx:xxxx
Feb 21 00:14:52 openvpn 6664 UDPv4 link local (bound): [AF_INET]10.0.0.1:0
Feb 21 00:14:52 openvpn 6664 UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:xxxx
Feb 21 00:14:52 openvpn 6664 write UDPv4: No route to host (code=65)
Feb 21 00:14:54 openvpn 6664 write UDPv4: No route to host (code=65)
Feb 21 00:14:58 openvpn 6664 write UDPv4: No route to host (code=65)
Feb 21 00:15:06 openvpn 6664 write UDPv4: No route to host (code=65)
Feb 21 00:15:22 openvpn 6664 write UDPv4: No route to host (code=65)
Feb 21 00:15:52 openvpn 6664 [UNDEF] Inactivity timeout (--ping-restart), restarting
My network administrator knowledge is patchy; can someone help me understand how to debug this? It should be straightforward and work almost out of the box.
Also I’m still new to PFSense, so when you ask for printouts please tell me where I can find them in the menus.
PS:
Another weird thing is that if I leave my Loopback Adapter on Automatic, it gives me “Unidentified Network”, and on an ipconfig /all the loopback adapter shows IPv4 Address: 169.254.30.217 - wtf is that? It should be 192.168.1.100 (100 is the start of the IP range in PFSense). If I set the values manually, it works, but who’s giving it that weird DHCP info?