1
20.1 Legacy Series / Private VPN provider user recommended settings not working
« on: June 30, 2020, 03:20:27 pm »
Hi,
I tried to setup OPNsense 20.1.7 to use ProtonVPN. They don't have guide for OPNsense, but they do have for another one you probably know, so i used this as base.
First adding the certificate and the client, no problem so far, client is up.
Then when come the interface settings, i can't do the same cause it say to add an interface for the OpenVPN connection, but it's not possible to use ip settings on tun interface, so when adding the nat outgoing rule to make all the traffic goes throught the OpenVPN interface instead of some "OP1VPN" tun interface i just set OpenVPN as interface.
At first glance i think it was working, since i get internet access, but when checking for ip and dns leak, i saw my real ip.
After some search, i found that if set this :
Don't pull routes: Un-checked
Don't add/remove routes: Un-checked
Everything is good, no more real ip visible, no dns leak.
So my question is what the implication of leaving "Don't add/remove routes" unchecked ? Does it increase security risk / decrease anonymity ?
I ask this because they told me i have to check "Don't add/remove routes"...
Thanks by advance
I tried to setup OPNsense 20.1.7 to use ProtonVPN. They don't have guide for OPNsense, but they do have for another one you probably know, so i used this as base.
First adding the certificate and the client, no problem so far, client is up.
Then when come the interface settings, i can't do the same cause it say to add an interface for the OpenVPN connection, but it's not possible to use ip settings on tun interface, so when adding the nat outgoing rule to make all the traffic goes throught the OpenVPN interface instead of some "OP1VPN" tun interface i just set OpenVPN as interface.
At first glance i think it was working, since i get internet access, but when checking for ip and dns leak, i saw my real ip.
After some search, i found that if set this :
Don't pull routes: Un-checked
Don't add/remove routes: Un-checked
Everything is good, no more real ip visible, no dns leak.
So my question is what the implication of leaving "Don't add/remove routes" unchecked ? Does it increase security risk / decrease anonymity ?
I ask this because they told me i have to check "Don't add/remove routes"...
Thanks by advance