Messages

Yes, that was very early in the troubleshooting process. Matching the cipher algos with the .opvn files from NordVPN for the specific server that I was attempting to connect to. It did throw errors if they did not match, however the connection would still show as "up". 

Felt better about it if they did match though, probably works better too.

Also, I see the tun-mtu (or mss?, can't remember off hand) number mismatched when connecting at times, log states it decides to match them, and does not seem to affect connection.

So, because the VM OPNSense is attached to a bridged VM adapter, all traffic still travels through my physical machine, and does not change my public ip. However, I was suffering the wrath of wifey and kids messing with the physical machine trying to troubleshoot. Now that I have the VM passing internet with the VPN service as the interface, I believe it can be repeated with the physical machine.

Thanks again!

Thanks Northguy!

I believe I have it working now. Although, can't tell you why. Setting the Interface Config Type to NONE, helped a lot at first. Then updated the 18.7 VM to 18.7.10. Lost DNS. Copied your rules, a few reboots later and DNS still not working.

Tried a few other things, lost internet connectivity again, until I switched Interface Config Type back to DHCP and copied the tunnel address to the alias. Weird thing is, at this point, only have to do that once. When the tunnel changes it's virtual IP, I still have connectivity, even through a reboot of client and router (VMs). *shrug*

Then all of a sudden DNS started working. Undid the few things I had tried, rebooted after undoing each one, and it still works.  :o

Updated the VM to 19.1 and then to the latest 19.1.8 and after router VM and client VM reboot. DNS and internet still working...

...now to integrate this setup on my real network....

Just curious, can I ask what you have in your VPN_DNS_Servers alias?

I had the one that NordVPN has in the tutorial, and then also added Cloudflare's as well.  Does yours only contain Couldflare's?


Once I get this working on the real deal, I would like to try grouping gateways that NilsS had posted on page 2 of this thread.


Thanks again!!

Hi,

I've been trying to get NordVPN and OPNSense to connect to the internet through the tunnel. I tried to use this tutorial on NordVPN website.

https://support.nordvpn.com/Connectivity/Router/1292598142/OPNsense-18-7-setup-with-NordVPN.htm

No real luck with 19.1.

Spun up a couple of VirtualBox VM's, an OPNSense 18.7 and 19.1 and a Win10 client. Using the 18.7 VM the only way I can connect to the internet from the Win10 client behind the VM OPNSense 18.7 is by putting the tunnel virtual IP into the alias box for the NordVPN interface, screenshot attached.

It works until the virtual IP for the tunnel changes. Then have to go to VPN -> OpenVPN -> Connection Status and copy new tunnel virtual ip and copy it to the NordVPN (OPT1(ovpnc1)) interface alias box, like in the snip attached.

I had it working this way with 19.1, but not for long, only worked for about 15 min, but have not been able to make it repeatable since.

Have also tried to create a LAN network alias and made a rule like in the OP's post.

Is there any way to make the alias IP box take on whatever the OpenVPN client has for it's tunnel, or is there a way to include a range of IP's instead?

I have tried to insert 10.0.0.0/24, and 10.8.0.0/24 but that does not work. I have tried to use the NordVPN's hostname for the server I was trying to connect to as well, in the alias hostname box in the interface menu, that does not work either. The only way it works is with the specific IP address from the OpenVPN connection virtual IP. (In 18.7) The virtual IP in the Connection Status changes frequently.

Thoughts? Pointers? I am relatively green to OPNSense. Maybe I'm missing a really simple check box or setting/rule?

Would really prefer to use 19.1 as it's the latest, and is running in my real environment now.

Thanks for your time!

Edit for pic...