Using a PC with VPN as a default gateway

[igorerro]

Hello everyone, I have not been using OPNsense for long, so I do not ask you to throw tomatoes. There is a dire need with a VPN, but it is not possible to establish a connection abroad using standard means, an idea was born, to connect another network card, create another network 11.1.1.1, connect a PC with IP 11.1.1.2 to it, run a VPN on the PC that will work and create a gateway in the settings that sends us to this computer with the VPN enabled, so that later this gateway can be used for everyone else in the first LAN
How it came to implementation, nothing worked, what could be the problem and is it feasible?
If not, maybe someone can tell me how to implement the use of openvpn or wireguard in OPNsense that will not be blocked by the provider

[viragomann]

Of course you can do that. From the point of OPNsense, the PC will be just another upstream connection like a Multi-WAN setup, where you can route traffic to.
But don't use public IP ranges for local networks as you intend!

And on the PC you will have to enable routing to get it work and allow traffic passing in its firewall settings. This is not enabled out of the box.

And why want you do that? It's more reliable and easier to set up the VPN on the default gateway, which might be your OPNsense.
I don't expect, that there is a better chance with a VPN on a PC to be not blocked by the ISP. If your ISP blocks your traffic just kick him.

[igorerro]

unfortunately, standard VPN connection tools are blocked here, and I don't understand opnsense well enough to implement obfuscation, xray or something similar, so I had to use this slightly stupid method

how to enable traffic passing in firewall, do you mean the rules for my new LAN with VPN or nat outbound

[viragomann]

xray or something similar

Don't know, how this is implemented in the computer system. I think, if it doesn't give you a virtual network adapter, routing might not be possible.
And as I said, routing must be enabled on the computer.

Do you know, what exactly is blocked regarding VPN? Certain ports or protocols?
If it's only this, you possibly succeed with a VPN on TCP port 443, which is used by common web traffic.
There are VPN providers out there supporting this.

how to enable traffic passing in firewall,

You have to allow this on the computer running the VPN.

[Patrick M. Hausen]

Did you try OpenVPN over TCP on port 443?

[igorerro]

Did you try OpenVPN over TCP on port 443?

Yes im tryed to do it, but provider block it

[igorerro]

if i'm correctly understand provider use DPI for this reason almost all ways to use "basic" vpn is impossible