Beyond Frustrated and Confused..

Cool_Corona

Have you setup the GW for the VPN network?? And created outbound rules??

godyourestupid

@cool_corona said in Beyond Frustrated and Confused..:

Have you setup the GW for the VPN network?? And created outbound rules??

I assume GW means gateway? If so, I used the gateway settings in the above attached instructions. No luck

HOWEVER, I did not create outbound rules. I didn't recall seeing anything in there for that.

KOM

@godyourestupid Why are you using 2.5.0? That's old and not even the latest of the 2.5 branch. There have been changes to OpenVPN since then IIRC so I would strongly suggest you upgrade to 2.6. You need to create a gateway for your OpenVPN config and then create a LAN firewall rule that directs traffic to the VPN gateway. Rule placement order is important. Lastly, an outbound NAT rule so that traffic using the VPN gateway will be NATed to the VPN interface instead of WAN.

Edit: I just checked that guide and everything is in there so you must have done something wrong. Post screens of your OpenVPN config, your LAN rules, your outbound NAT rules, and maybe we can spot something obvious.

pftdm007

If you haven't created the NAT Outbound rule for each of your local LAN's (VLAN's, etc) then you have not followed the NordVPN tutorial to the letter. Review each step. I just did this on 2.6 and after some fears of having downtime, I must say it worked flawlessly and pretty much right away (thanks to @KOM !)

godyourestupid

@kom

Firewall NAT Outbound.png Firewall Rules LAN.png [NAT Outbound Edit.pdf](Invalid file type. Allowed types are: .png, .jpg, .bmp, .txt, .gif, .xls, .gz, .zip, .pcap, .pcapng, .7z, .xml, .jpeg, .diff, .patch, .tgz, .tar, .0, .cap) OpenVPN Clients Edit_Page_8.png OpenVPN Clients Edit_Page_7.png OpenVPN Clients Edit_Page_6.png OpenVPN Clients Edit_Page_5.png OpenVPN Clients Edit_Page_4.png OpenVPN Clients Edit_Page_3.png OpenVPN Clients Edit_Page_2.png OpenVPN Clients Edit_Page_1.png NAT Outbound Edit_Page_2.png NAT Outbound Edit_Page_1.png

I hope I included everything you asked for.

Thank you all for taking the time to look at this!

Bob.Dig

@godyourestupid What is 192.168.2.0/24? Also better use hybrid outbound.

KOM

@godyourestupid When you say you can't connect, what do you mean? Can you ping 8.8.8.8? Can you resolve www.google.com (or any external site)?

godyourestupid

@kom said in Beyond Frustrated and Confused..:

@godyourestupid When you say you can't connect, what do you mean? Can you ping 8.8.8.8? Can you resolve www.google.com (or any external site)?

When I ping, 8.8.8.8 or google.com, I get request timed out.

godyourestupid

@bob-dig said in Beyond Frustrated and Confused..:

@godyourestupid What is 192.168.2.0/24? Also better use hybrid outbound.

192.168.2.0/24 is set from the directions listed by Nord, along with using manual rules for outboud.

Aaaaaaand I just changed it from 192.168.2.0 to 192.168.1.0 and it worked. I cannot believe I missed that.

Thank you so much! @Bob-Dig and @KOM

Bob.Dig

@godyourestupid said in Beyond Frustrated and Confused..:

192.168.2.0/24 is set from the directions listed by Nord, along with using manual rules for outboud.

You havbe to change that to your LAN IP address space.

godyourestupid

@bob-dig Thank you for all your help!

BTW I updated to 2.6 AND I will make a back up of my config once I have everything back up. PFBlocker is next. :)