3 VPN providers but 1 isn't working, what's different?

Started by frozen, October 25, 2023, 08:30:25 PM

Hello everyone! I have WireGuard configurations from 3 different VPN providers: SurfShark, ProtonVPN, and WindScribe. WindScribe and Proton are working perfectly with no issues, and I have 4 different gateways running and I am able to remove hosts from one and add to another by using "Aliases" for each of them (I followed the official OPNsense Selective WireGuard Routing Guide) and THOUGHT everything was fine until I tried adding SurfShark.. I can't get their tunnels to work for some reason.. Everything looks like it's established and there are no errors anywhere to be found, not even in the WireGuard logs that I've been able to find, and everything is green everywhere in the dashboard etc., but when I apply a host to that tunnel, the traffic doesn't go anywhere - everything just stalls.

https://imgur.com/a/9ssljys

Where it says <key is pre-filled>, those values are already included in the config files; I've just followed the WireGuard Selective Routing guide and been copying and pasting.

And as mentioned, I have multiple established ones all working fine, it's just the SurfShark that isn't working.. At a glance the literal only difference I see is that it's using public DNS servers inside the config file and the others are all using the internal network.. Is this the reason? What do I need to change if so?

Big thanks for any help

ALSO it's some weird behaviour - when a host is using the gateway, I can type 'curl icanhazip.com' and get the proper SurfShark IP! Then I can ping google.com or any host and get replies, I say yahoo! It's working! But then when I try to actually browse, it stalls.. speedtest and curl need to be ctrl+c'd, they stall out, same with trying to browse the web even, even though the original curl IP check works and ping works! Super weird

Here is in a nutshell the problem in 1 picture

Grasping at straws, I thought maybe it was MTU related, so I dropped the MTU to 1260 on the WireGuard tunnel, with no difference.

I'm willing to share the config file in DM if someone wants to try it for me

When I was trying WireGuard, I had this issue on occasion.
I would delete the setup that was not working, start over, and 99% of the time it started working again.

DNS: I would set up a public DNS server like quad or Cloudflare to see if it helped for that Alias device.

Hi,
I'm trying to configure the OpenVPN Client for Surfshark VPN on my OPNsense but the internet traffic is not being forwarded to the VPN.
The OpenVPN Client is UP but I can't receive any data from the VPN server.
I have created a LAN rule to forward traffic to the Surfshark Gateway (dynamic gateway) and a NAT rule, but it doesn't work.

Could someone share with me a working configuration of OPNsense to connect to the Surfshark VPN?

Thank you!

January 20, 2024, 02:38:45 PM #5 Last Edit: January 20, 2024, 02:43:12 PM by djbmister
I'm using Surfshark on OPNsense; basically the WireGuard kernel plugin doesn't work well. Switch to wireguard-go - in the firmware/plugins.

mtu = 1420
mss = 1420

ip configuration = none

See attached my config - keys marked off for security reasons

I'm hoping the new 24.x release will work with the built in kernel, otherwise mmmm

Hi There

Same issue here with Surfshark, I cannot get it working at all. Please see my setup in my post here: https://forum.opnsense.org/index.php?topic=39783.0

Did you resolve this issue for yourself, and what guide did you use to set up your other VPN providers? From my configuration, can you see where I might have gone wrong?

Either way you got further than me. I did get AirVPN working previously but I have flattened it since then and I'm trying to get Surfshark working first. I wanted to use Mullvad but they were unable to provide a further guide as to how to get theirs working with it as I requested it but they said they would make a guide yet