Using a PC with VPN as a default gateway

Started by igorerro, November 04, 2024, 05:08:41 AM

Hello everyone, I have not been using OPNsense for long, so I ask you not to throw tomatoes. There is a dire need for a VPN, but it is not possible to establish a connection abroad using standard means. An idea was born: connect another network card, create another network 11.1.1.1, connect a PC with IP 11.1.1.2 to it, run a VPN on the PC that will work, and create a gateway in the settings that sends us to this computer with the VPN enabled, so that later this gateway can be used for everyone else in the first LAN.
When it came to implementation, nothing worked. What could be the problem, and is it feasible?
If not, maybe someone can tell me how to implement the use of OpenVPN or WireGuard in OPNsense that will not be blocked by the provider.

Of course you can do that. From the point of view of OPNsense, the PC will be just another upstream connection, like in a Multi-WAN setup, to which you can route traffic.
But don't use public IP ranges for local networks as you intend!

And on the PC you will have to enable routing to get it to work and allow traffic passing in its firewall settings. This is not enabled out of the box.

And why do you want to do that? It's more reliable and easier to set up the VPN on the default gateway, which might be your OPNsense.
I don't expect that there is a better chance of a VPN on a PC not being blocked by the ISP. If your ISP blocks your traffic, just kick him.
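
The reply above names two things the VPN PC must do (enable routing and allow forwarded traffic in its firewall) and warns against the public 11.1.1.x range. The following script is an added example, not something posted in the thread: it assumes the PC runs Linux with nftables and iproute2, and it only prints the commands for review instead of applying them. The interface names `eth1`/`tun0`, the 10.11.1.0/24 transit network and the 192.168.1.0/24 LAN are assumed placeholders.

```shell
#!/bin/sh
# Added example: assumes a Linux VPN PC with nftables and iproute2.
# Interface names and subnets are placeholders, not values from the thread.

# Return 0 if the IPv4 address lies in an RFC 1918 private range.
is_rfc1918() {
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the dotted quad into $1..$4
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    case $1 in
        10)  return 0 ;;
        172) [ "$2" -ge 16 ] && [ "$2" -le 31 ] ;;
        192) [ "$2" -eq 168 ] ;;
        *)   return 1 ;;
    esac
}

# Print (do not apply) the routing and firewall setup for the VPN PC.
# Args: transit_cidr lan_cidr opnsense_transit_ip inside_if vpn_if
gen_gateway_config() {
    transit=$1 lan=$2 fw_ip=$3 in_if=$4 vpn_if=$5
    if ! is_rfc1918 "$fw_ip"; then
        echo "refusing: $fw_ip is not a private (RFC 1918) address" >&2
        return 1
    fi
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
# Return route to the LAN; only needed if OPNsense does not NAT toward the PC.
ip route replace $lan via $fw_ip dev $in_if
nft -f - <<'RULES'
table ip vpngw {
  chain forward {
    type filter hook forward priority 0; policy drop;
    iifname "$in_if" oifname "$vpn_if" ip saddr { $transit, $lan } accept
    iifname "$vpn_if" oifname "$in_if" ct state established,related accept
  }
  chain postrouting {
    type nat hook postrouting priority 100; policy accept;
    oifname "$vpn_if" masquerade
  }
}
RULES
EOF
}

# Constructed sample call: private transit net instead of 11.1.1.0/24.
gen_gateway_config 10.11.1.0/24 192.168.1.0/24 10.11.1.1 eth1 tun0
```

The forward chain drops by default, so only traffic from the two named subnets can leave through the tunnel and only replies can come back in.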

Unfortunately, standard VPN connection tools are blocked here, and I don't understand OPNsense well enough to implement obfuscation, xray or something similar, so I had to use this slightly stupid method.

How do I enable traffic passing in the firewall? Do you mean the rules for my new LAN with VPN, or NAT outbound?

Quote from: igorerro on November 04, 2024, 08:05:28 PM
xray or something similar
Don't know how this is implemented in the computer system. I think if it doesn't give you a virtual network adapter, routing might not be possible.
And as I said, routing must be enabled on the computer.

Do you know what exactly is blocked regarding VPN? Certain ports or protocols?
If it's only this, you may possibly succeed with a VPN on TCP port 443, which is used by common web traffic.
There are VPN providers out there supporting this.

Quote
how to enable traffic passing in firewall,
You have to allow this on the computer running the VPN.

Did you try OpenVPN over TCP on port 443?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

Quote from: Patrick M. Hausen on November 04, 2024, 09:45:38 PM
Did you try OpenVPN over TCP on port 443?

Yes, I tried to do it, but the provider blocks it.

If I understand correctly, the provider uses DPI; for this reason almost all ways of using a "basic" VPN are impossible.