OPNsense Forum

English Forums => Virtual private networks => Topic started by: technoir on February 22, 2022, 11:12:29 PM

Title: openvpn to nordvpn: dns not getting back to LAN pc's
Post by: technoir on February 22, 2022, 11:12:29 PM
Hi all!

My first post here.  I'm new to OPNsense and BSD, but not to firewalls, routers or Linux.

I followed the instructions on the NordVPN site, but they're out of date now. I saw at least 3 discrepancies, noted below.
https://support.nordvpn.com/Connectivity/Router/1292598142/OPNsense-19-1-setup-with-NordVPN.htm
I also opened a support ticket with NordVPN, but I haven't heard back yet.  Figured I would also try here.

Basically, the OpenVPN interface is up, has an IP address, and routing is taking place.  From a Linux workstation, I can ping 1.1.1.1 no problem.

DNS appears to be working too.  From the OPNsense web interface, can ping yahoo.com no problem.

From a Linux workstation on the LAN:

I can ping 1.1.1.1 from a Linux workstation on the LAN.

but ping yahoo.com comes back:
ping: yahoo.com: Temporary failure in name resolution

also: host google.com
;; connection timed out; no servers could be reached

same with nslookup and dig google.com
;; connection timed out; no servers could be reached

==================================

From the OPNsense web interface, DNS seems to be working.  From Diagnostics -> DNS Lookup
looked up yahoo.com, came back with all the A Type Addresses
query times from:
127.0.0.1 -> 23 msec
103.86.96.100 -> 180 msec
103.86.99.100 -> no response

ping yahoo.com resolves fine and pings

=========================

Following the howto guide on nordvpn, I noted 3 discrepancies:

Services -> Unbound DNS -> General
Outgoing Interfaces:  the guide says use (OpenVPN client (NordVPN_US8577)) but there is also a NordVPN interface.  I've tried each, and both.

NAT -> Outbound
advanced outbound NAT entry:  same thing, 2 interfaces, guide says use NordVPN, I also tried OpenVPN

Firewall -> Rules -> LAN
After following the directions, there are only 2 rules, but the picture/sample shows 3.  The first rule for the anti-lockout is missing.  I tried to add it, but am unsure which choices to select.

The VPN/OpenVPN log file has a few notable warnings:

WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA512'
WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1582', remote='link-mtu 1634'
ioctl(TUNSIFMODE): Device busy (errno=16)

I'd be grateful for any suggestions.  Thanks for reading.
Title: Re: openvpn to nordvpn: dns not getting back to LAN pc's
Post by: technoir on February 22, 2022, 11:14:53 PM
I guess I should add this is a fresh new install, and I updated/rebooted before configuring the openvpn to nordvpn.

Installed OPNsense on the vnopn mini-pc:

https://www.amazon.com/gp/product/B09J4H9ZXY/ref=ppx_yo_dt_b_asin_title_o01_s00?ie=UTF8&psc=1
Title: Re: openvpn to nordvpn: dns not getting back to LAN pc's
Post by: technoir on February 23, 2022, 03:29:49 PM
Okay never heard from anyone here or from NordVPN.

After several resets to factory defaults, and starting completely over, I finally got OpenVPN on OPNsense to connect to NordVPN, but it is so fragile.  After a while, it just stops working.  If I make the slightest change, it stops working.  Restarting services does nothing.  Getting tired of rebooting the firewall all of the time.  I'm not impressed.