[Solved] Opnsense 20.7.3 and PIA VPN

[s4rs]

This is a manual which I used to do what you want to achieve:
https://www.reddit.com/r/PFSENSE/comments/6edsav/how_to_proper_partial_network_vpn_with_kill_switch/

It's for pfSense but it's really easy to adopt it.

I went through the guide and it was the same as other guides I have followed. Anyway its working. I think the key was after changes I did a refresh from VPN -> OpenVPN -> Connection Status -> Restart . All my other attempts I would would go to VPN -> OpenVPN -> Clients -> PIA stop start.. Thanks everyone for your support.. 

[Chrome]

I think I am having the same problem that you were having. Trying to setup PIA for a small group of IPs...
Opnsense estabilishes the connection with PIA (it seems fine here).

I have the LAN rule to send out traffic from those IPs to the PIA_gateway....

but when I do a traceroute it just times out... I am pulling my hair out with this. PIA doesn't have an OPNsense guide... they should...and I hope they will soon!

In the meantime...any ideas? Your post is the most recent I could find...I tried some older posts/guides.. but they just don't work. I am running 20.7.4 like you are.

[Gauss23]

You need an Outbound NAT rule on the VPN Interface to masquerade outgoing traffic with the ip address of your VPN interface

[s4rs]

You need an Outbound NAT rule on the VPN Interface to masquerade outgoing traffic with the ip address of your VPN interface

Its hard to figure out your issue without seeing your config. I posted images of my config which I think is accurate. If you can post yours we can try to figure this out. Just remember when you make changes for sanity sake bounce the interface like I described. I am sure this is what fixed my issue.

[Chrome]

@s4rs, @Gauss23,

You both are right...I need to post my config... I have tried restarting the connection via VPN - OpenVPN - Connection Status - Restart each time I make a change... but I can't get this connect to do much other than time out...but if I disable the "PIA_traffic" Rule, the linux box doesn't time out... it goes to the WAN (not what I want..but it works via the WAN).

Here are my screenshots:

PIA VPN Connection:

[Chrome]

last screenshot of the VPN connection

[Chrome]

Firewall - NAT - OUTBOUND

[Chrome]

FIREWALL - RULES - LAN

[Chrome]

Firewall: Aliases

[Chrome]

VPN - OPENVPN - CONNECTION STATUS

[Chrome]

Interfaces: Diagnostics: Trace Route

[Gauss23]

Please have a look at your NAT rule:
On the PIA_VPN interface you have a rule that has a source of PIA_Traffic but you translate the source to the WAN address, why?
It should be the IP of the PIA interface

[Chrome]

I did have it like that...but I was messing with it to try and get the traceroute to do something (using a ubuntu box to test)... however, I did change it...and still nothing.

[Gauss23]

Can you please show us your:
System: Routes: Status

and:
System: Gateways: Single

[Chrome]

Sure! Lemme know what you think!