Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Plain English guide for routing internet traffic through VPN?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Plain English guide for routing internet traffic through VPN? (Read 2022 times)
Ihmemies
Newbie
Posts: 2
Karma: 0
Plain English guide for routing internet traffic through VPN?
«
on:
October 23, 2023, 05:27:56 pm »
I don’t understand enough about networking. I think I understand what I want: my LAN traffic should communicate with Internet only via my paid VPN service. Communication directly with internet should not be allowed. Is this a feasible goal?
I am running the newest stable opnsense. I created a wireguard interface and peer and registered the wireguard key with my vpn provider. The wireguard “handshakes” but tells nothing further. I don’t know if that means it’s working or not or something else.
Pinging 1.1.1.1 from opnsense results in packet loss.
I have a WG1 interface. A WG1 gateway which is offline.
Hybrid outbound NAT for WG1 interface. It translates any LAN net traffic to any destination through the WG1 interface.
Firewall in LAN has out, source lan net, dest wan net, blocked. It has out, source lan net, dest WG1 gateway allowed.
WAN has in, source any, dest LAN net blocked. Any to WG1 net allowed.
WG1 firewall has out from any to any allowed.
I am not sure if all this is correct or wrong, and if I need something else or not. In theory it is simple - force all Internet traffic to go through my paid vpn. In practice it is very hard.
The WG1 gateway should probably work, but it does not work. I don’t know why it’s not online, or what prerequisites must be met to get it online. Is there some up to date guide on how to do this with the latest WG changes? Wireguard implementation in opnsense seems to be changing all the time.
Thanks.
Logged
murill73
Newbie
Posts: 4
Karma: 0
Re: Plain English guide for routing internet traffic through VPN?
«
Reply #1 on:
October 23, 2023, 10:11:58 pm »
I think that I might have the same problem. I was on 22.1 and my WireGuard VPN just stopped working. I noticed that the gateway for the WireGuard VPN was down. I did not manage to solve the issue. I made a clean install of 22.7 and eventually got everything working. I couldn't get kmod WireGuard to work, but I got WireGuard-go up and running with selective routing just as before.
Today I noticed that the devices that I route through the VPN did not have any internet access. Once again the gateway is down. I would be happy to receive some guidance in this as my knowledge in networking is very limited.
Logged
frozen
Newbie
Posts: 41
Karma: 0
Re: Plain English guide for routing internet traffic through VPN?
«
Reply #2 on:
October 24, 2023, 04:51:41 am »
Join the club - I cannot get over how incredibly complicated it is to complete simple things like connecting to paid VPN services and quickly allocating clients to it
It's an entire ordeal that requires you to follow a guide every step of the way extremely carefully and there's SO many steps involved. I got one working, and having trouble adding a second one.
It's things like this that really make me hate networking, I really really wish this was easier. Did you follow the Selective Routing guide? It's out of date and refers to things that aren't there anymore, but if you follow it along step by step I did get one working eventually..
I don't think this is more convenient than quickly making a container in Proxmox and issuing 3 quick commands to enable masquerading and internet sharing, though.. The only benefit I can see to following such extremely hard complicated guides is it saves you from needing a container to do it.. Not sure yet
Logged
Ihmemies
Newbie
Posts: 2
Karma: 0
Re: Plain English guide for routing internet traffic through VPN?
«
Reply #3 on:
March 07, 2024, 08:57:58 pm »
Apparently my problem was that I updated the firmware. The setup just refused to work with the same settings, so I downgraded to an older one.
I today tried upgrading from OPNsense 23.7.6-amd64 to OPNsense 23.7.12_5-amd64 and this time the setup seemed to work well. I have no idea why that was so but I am glad the updates seem to work again, since I was hesitant to try to upgrade the system upgrade again.
I think I will let the 24 series bake in for a quite a while before attempting to jump to that.
«
Last Edit: March 07, 2024, 08:59:52 pm by Ihmemies
»
Logged
LovelyCupOfTea
Newbie
Posts: 14
Karma: 0
Re: Plain English guide for routing internet traffic through VPN?
«
Reply #4 on:
April 02, 2024, 09:57:32 pm »
I agree that it's way more Complicated than it needs to be conparsd to so thing like Asus merlin where vpn configuration is just an absolute doddle
Did you eventually get this working or did you give it up a bad job? Please see my thread where I have outlined my configuration
https://forum.opnsense.org/index.php?topic=39783.0
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Plain English guide for routing internet traffic through VPN?
«
Reply #5 on:
April 02, 2024, 10:43:27 pm »
I was going to make the same suggestion on one of your many responses to many threads. No criticism, you're just trying to get going. The suggestion is to use a 23.7 image.
The reasons are thus: there was a refactor of OpenVPN settings on 24.1. The docs aren't -I think- yet updated.
The new updates might be causing the problem, and If you don't mind me saying, as a network beginner, others are better placed to diagnose the low-level details.
And to top it all off, you have PPoE to contend with. Another low-level to diagnose in the mix.
Try 23.7. It might be a pleasant surprise
Logged
LovelyCupOfTea
Newbie
Posts: 14
Karma: 0
Re: Plain English guide for routing internet traffic through VPN?
«
Reply #6 on:
April 04, 2024, 09:38:34 pm »
Many thanks for taking the time to respond
I have moved on to open wrt on a gl. Inet router and getting fantastic wireguard speeds. Was so incredibly simple to set up. I just cannot get it going in opnsense no mater what I do
Logged
EasyGoing1
Newbie
Posts: 26
Karma: 6
Re: Plain English guide for routing internet traffic through VPN?
«
Reply #7 on:
April 08, 2024, 06:27:52 am »
Have you checked with your VPN provider to see if they have any setup instructions for their service in an OPNsense environment?
This document from NordVPN - I've used before and it works well. If your VPN provider doesn't have a setup doc for OPNsense, you might be able to utilize this one, replacing the Nord specific info with the info from your VPN provider:
https://support.nordvpn.com/hc/en-us/articles/20397569418129-OPNsense-21-setup-with-NordVPN
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Plain English guide for routing internet traffic through VPN?