OPNsense Forum
Archive => 20.1 Legacy Series => Topic started by: bigshorty40 on February 27, 2020, 06:15:55 am
-
Hi All
I'm not new to Opnsense but have decided to come back as I want to configure my NordVPN connection with Opnsense so that all traffic goes through the VPN. I have followed the NordVPN guide for setting up the VPN on Opnsense 19.1 and even though the connection is up, and traffic is going through the VPN, something odd seems to be happening.
My network consists of a Draytek Vigor 130 modem in bridge mode, which is connected to my Opnsense which handles all my routing and VPN configuration, which is then connected to an Asus RT-AC88U in AP mode where all my wired and wireless devices connect to the internet.
Now here is the odd behaviour, wired devices work perfectly, traffic goes through VPN and web pages load as they should, however wireless devices do not seem to want to connect to the internet at all, they either time out, say the server has stopped responded or server cannot be found. I've searched everywhere for a solution, ask friends that have networking knowledge, even went to NordVPN themselves and the doesn't seem to be any logical explanation, or a fix for this behaviour.
I'm really hoping some of you out there might have some ideas as to what the problem might be and suggest ways to fix this, I would be ever so grateful for any advice.
-
does wifi devices works if you disable the vpn? issue is probably with the access point
-
does wifi devices works if you disable the vpn? issue is probably with the access point
Yes, they work fine, only when I enable the VPN do they then not load web pages, they connect to the AP, but pages won't load.
-
I will say I can get it working flawlessly using the same network devices but with pfsense installed. Surely that would say the devices and setup are ok and it's more likely got something to do with a configuration setting somewhere?
-
do you have a trunk link from opnsense and your access point, or just a flat network? are wireless and cabled networks on the same vlan id? can you ping the opnsense interface from wifi devices? do you use dhcp, and it's served by opnsense?
-
In answer to your questions I have just a flat network in place, wireless and cabled networks are on the same vlan id, i do use dhcp which is served by opnsense but I cannot ping opnsense via wifi devices.
-
I get request timeout errors when I try to ping opnsense from a wifi device
-
but can you ping from cabled devices? (maybe no fw rules are in place, you could enable the icmp just for a try)
-
No I can't ping opnsense from wired devices?? Enabling ICMP didn't work either.
-
well that's strange, if your wired devices have internet...
anyway one issue (not related to the ping issue) could be MTU size, I would try to enable MSS clamping on the interface connected to your AP, inserting like 1450 in MSS field
Also, is there a possibility to limit the MTU on your AP? Maybe to set path MTU discovery?
-
My thoughts exactly, extremely weird.
I'll try MTU size change later, pretty sure there is no option to limit MTU on my router while in AP mode, although I will check.
I've got to go to work now, was hoping it could be a quick fix but this is obviously not the case. If you or anyone else has any ideas I'd be grateful to hear them.
Many thanks so far.