[Solved] Opnsense 20.7.3 and PIA VPN

Started by s4rs, October 06, 2020, 11:20:12 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3 4
User actions
October 14, 2020, 05:09:22 PM #15
Quote from: Gauss23 on October 14, 2020, 04:29:31 PM
This is a manual which I used to do what you want to achieve:
https://www.reddit.com/r/PFSENSE/comments/6edsav/how_to_proper_partial_network_vpn_with_kill_switch/

It's for pfSense but it's really easy to adopt it.

I went through the guide and it was the same as other guides I have followed. Anyway its working. I think the key was after changes I did a refresh from VPN -> OpenVPN -> Connection Status -> Restart . All my other attempts I would would go to VPN -> OpenVPN -> Clients -> PIA stop start.. Thanks everyone for your support.. 
October 30, 2020, 03:45:26 AM #16

I think I am having the same problem that you were having. Trying to setup PIA for a small group of IPs...
Opnsense estabilishes the connection with PIA (it seems fine here).

I have the LAN rule to send out traffic from those IPs to the PIA_gateway....

but when I do a traceroute it just times out... I am pulling my hair out with this. PIA doesn't have an OPNsense guide... they should...and I hope they will soon!

In the meantime...any ideas? Your post is the most recent I could find...I tried some older posts/guides.. but they just don't work. I am running 20.7.4 like you are.
October 30, 2020, 05:50:10 AM #17
You need an Outbound NAT rule on the VPN Interface to masquerade outgoing traffic with the ip address of your VPN interface
,,The S in IoT stands for Security!" :)
October 30, 2020, 03:52:25 PM #18
Quote from: Gauss23 on October 30, 2020, 05:50:10 AM
You need an Outbound NAT rule on the VPN Interface to masquerade outgoing traffic with the ip address of your VPN interface

Its hard to figure out your issue without seeing your config. I posted images of my config which I think is accurate. If you can post yours we can try to figure this out. Just remember when you make changes for sanity sake bounce the interface like I described. I am sure this is what fixed my issue.
October 31, 2020, 06:51:03 PM #19
@s4rs, @Gauss23,

You both are right...I need to post my config... I have tried restarting the connection via VPN - OpenVPN - Connection Status - Restart each time I make a change... but I can't get this connect to do much other than time out...but if I disable the "PIA_traffic" Rule, the linux box doesn't time out... it goes to the WAN (not what I want..but it works via the WAN).

Here are my screenshots:

PIA VPN Connection:

October 31, 2020, 06:52:23 PM #20
last screenshot of the VPN connection
October 31, 2020, 06:57:09 PM #21
Firewall - NAT - OUTBOUND

October 31, 2020, 06:59:01 PM #22
FIREWALL - RULES - LAN
October 31, 2020, 07:01:15 PM #23
Firewall: Aliases

October 31, 2020, 07:03:46 PM #24
VPN - OPENVPN - CONNECTION STATUS

October 31, 2020, 07:05:19 PM #25
Interfaces: Diagnostics: Trace Route
October 31, 2020, 07:42:37 PM #26 Last Edit: October 31, 2020, 07:44:08 PM by Gauss23
Please have a look at your NAT rule:
On the PIA_VPN interface you have a rule that has a source of PIA_Traffic but you translate the source to the WAN address, why?
It should be the IP of the PIA interface
,,The S in IoT stands for Security!" :)
October 31, 2020, 08:40:29 PM #27
I did have it like that...but I was messing with it to try and get the traceroute to do something (using a ubuntu box to test)... however, I did change it...and still nothing.

October 31, 2020, 08:44:35 PM #28
Can you please show us your:
System: Routes: Status

and:
System: Gateways: Single
,,The S in IoT stands for Security!" :)
October 31, 2020, 10:17:22 PM #29

Sure! Lemme know what you think!

Print
Go Up Pages 1 2 3 4
User actions