[SOLVED] Cannot get OpenVPN client to work for VPN service

Started by qiwi, April 08, 2018, 10:44:06 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 08, 2018, 10:44:06 PM Last Edit: April 10, 2018, 08:40:29 PM by franco
I recently switched from pfsense to opnsense, and I must say that I am really happy with this so far. However, there is one feature I cannot get to work. On my old router I setup a OpenVPN client to let the traffic from my server (single ip) pass through a VPN service from Private Internet Access. I tried setting this up in OPNsense, but when I enable the VPN Client internet for my whole network fails. I am really scratching my head why this is.

I did the following steps:

1) Setup the VPN through the guide provided at: https://helpdesk.privateinternetaccess.com/hc/en-us/articles/115005760606-Setting-up-a-Router-running-pfSense-Firmware

I have the idea that this is working, because the Status page at OpenVPN shows the following:


2) Assigned an interface

I assigned a interface for the VPN client called "PIA_OPNVPN", mapped to ovpnc1. Afterwards i checked "Enable interface" and let the other settings at there default.

3) Create alias for my server containing my server's IP address and alias name "Home_Server"
4) Configure Outbound NAT

I set outbound NAT to manual and setup the following rules:


After this configuration, when I start the OpenVPN Client my whole internet stops working. Disabling the client brings internet up again.

Can someone please help me getting this to work? Thank you!

April 08, 2018, 11:03:25 PM #1
Im not an expert but i think you got NAT wrong..nat address should be interface address..you are pointing it to alias "home server"
April 09, 2018, 02:31:43 PM #2
I'm trying to make sure I understand your use case and what your goal is.

Are you trying to mask your whole internal network through PIA?

I have TorGuard setup and just use a basic rule to route one host out. It's been working well now for me and wasn't that bad to setup.

I did a pretty similar process as I setup the VPN client, validated it connected. I setup an Interface and mapped it to ovpnc1.

I can see my VPN DHCP address setup in my Gateways and I just made that ping 8.8.8.8 to make sure it's working.

I setup manual outbound NAT similar to what you did as well.

My LAN Rule looks like:

https://imgur.com/sySZkpE

It routes a specific server first out the my TorGuard. I use that service specifically as I want to be able to port forward back via my VPN so that's why I've decided on that provider.
April 09, 2018, 10:08:08 PM #3
Thanks guys for your help! I was somehow sleeping. I adjusted the NAT settings as Dimi3 suggested and also added LAN rules as Animosity022 stated. Now everything works as expected.
Print
Go Up Pages1
User actions