Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN client assistance

    Scheduled Pinned Locked Moved OpenVPN
    31 Posts 3 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      Antibiotic @viragomann
      last edited by

      @viragomann So your wifi devices get IPs in 192.168.10.0/24 from pfSense and hence also get the DNS server? YES
      Screenshot_4-4-2024_213437_192.168.10.1.jpeg Screenshot_4-4-2024_213342_192.168.10.1.jpeg Screenshot_4-4-2024_21337_192.168.10.1.jpeg

      [2.7.2-RELEASE][admin@pfSense.home.arpa]/root: dig google.com

      ; <<>> DiG 9.18.19 <<>> google.com
      ;; global options: +cmd
      ;; Got answer:
      ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43895
      ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

      ;; OPT PSEUDOSECTION:
      ; EDNS: version: 0, flags:; udp: 1432
      ;; QUESTION SECTION:
      ;google.com. IN A

      ;; ANSWER SECTION:
      google.com. 300 IN A 172.217.21.174

      ;; Query time: 26 msec
      ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
      ;; WHEN: Thu Apr 04 21:37:15 EEST 2024
      ;; MSG SIZE rcvd: 55

      pfSense plus 24.11 on Topton mini PC
      CPU: Intel N100
      NIC: Intel i-226v 4 pcs
      RAM : 16 GB DDR5
      Disk: 128 GB NVMe
      Brgds, Archi

      V 1 Reply Last reply Reply Quote 0
      • A
        Antibiotic @viragomann
        last edited by

        @viragomann I have port restrictions for this interface, do not know this could be a problem or not?
        Screenshot_4-4-2024_214555_192.168.10.1.jpeg Screenshot_4-4-2024_214410_192.168.10.1.jpeg

        pfSense plus 24.11 on Topton mini PC
        CPU: Intel N100
        NIC: Intel i-226v 4 pcs
        RAM : 16 GB DDR5
        Disk: 128 GB NVMe
        Brgds, Archi

        1 Reply Last reply Reply Quote 0
        • V
          viragomann @Antibiotic
          last edited by

          @Antibiotic
          I'm not in doubt, that pfSense can resolve host names well, to be honest. The point is, what you get on a wifi-connected device.

          A 1 Reply Last reply Reply Quote 0
          • A
            Antibiotic @viragomann
            last edited by

            @viragomann said in OpenVPN client assistance:

            The point is, what you get on a wifi-connected device

            What do you mean?

            pfSense plus 24.11 on Topton mini PC
            CPU: Intel N100
            NIC: Intel i-226v 4 pcs
            RAM : 16 GB DDR5
            Disk: 128 GB NVMe
            Brgds, Archi

            V 1 Reply Last reply Reply Quote 0
            • V
              viragomann @Antibiotic
              last edited by

              @Antibiotic
              Connect a laptop to the wifi and run nslookup or dig against a public host name on it.

              A 1 Reply Last reply Reply Quote 0
              • A
                Antibiotic @viragomann
                last edited by

                @viragomann Ah ok , this is a result from WIFI router:
                Screenshot_4-4-2024_215842_192.168.10.10.jpeg Screenshot_4-4-2024_215751_192.168.10.10.jpeg Screenshot_4-4-2024_21576_192.168.10.10.jpeg

                pfSense plus 24.11 on Topton mini PC
                CPU: Intel N100
                NIC: Intel i-226v 4 pcs
                RAM : 16 GB DDR5
                Disk: 128 GB NVMe
                Brgds, Archi

                V 1 Reply Last reply Reply Quote 0
                • V
                  viragomann @Antibiotic
                  last edited by viragomann

                  @Antibiotic
                  Can you show the interface configuration of this device, please?

                  DNS resolution works so far obviously.

                  A 2 Replies Last reply Reply Quote 0
                  • A
                    Antibiotic @viragomann
                    last edited by

                    @viragomann Do you mean LAN settings of WIFI router?

                    pfSense plus 24.11 on Topton mini PC
                    CPU: Intel N100
                    NIC: Intel i-226v 4 pcs
                    RAM : 16 GB DDR5
                    Disk: 128 GB NVMe
                    Brgds, Archi

                    V 1 Reply Last reply Reply Quote 0
                    • V
                      viragomann @Antibiotic
                      last edited by

                      @Antibiotic
                      This is the wifi router?
                      Then the test is useless. You need to check this from a device, which is connected to the wireless. This is, where you have troubles, so this case has to be investigated.

                      A 1 Reply Last reply Reply Quote 0
                      • A
                        Antibiotic @viragomann
                        last edited by

                        @viragomann From Laptop connected to WIFI router result:
                        PS C:\Users\archi> nslookup google.com
                        Server: pfSense.home.arpa
                        Address: 192.168.10.1

                        Non-authoritative answer:
                        Name: google.com
                        Addresses: 2a00:1450:400f:80a::200e
                        172.217.21.174

                        PS C:\Users\archi> nslookup 8.8.8.8
                        Server: pfSense.home.arpa
                        Address: 192.168.10.1

                        Name: dns.google
                        Address: 8.8.8.8

                        PS C:\Users\archi>

                        pfSense plus 24.11 on Topton mini PC
                        CPU: Intel N100
                        NIC: Intel i-226v 4 pcs
                        RAM : 16 GB DDR5
                        Disk: 128 GB NVMe
                        Brgds, Archi

                        1 Reply Last reply Reply Quote 0
                        • A
                          Antibiotic @viragomann
                          last edited by Antibiotic

                          @viragomann Laptop settings:
                          Screenshot 2024-04-04 222711.png

                          pfSense plus 24.11 on Topton mini PC
                          CPU: Intel N100
                          NIC: Intel i-226v 4 pcs
                          RAM : 16 GB DDR5
                          Disk: 128 GB NVMe
                          Brgds, Archi

                          V 1 Reply Last reply Reply Quote 0
                          • V
                            viragomann @Antibiotic
                            last edited by

                            @Antibiotic
                            So everything seems fine on your site.

                            Now I have to ask again after 17 posts, what is the real problem??
                            Which kind of connection does not work?
                            What output do you get? Error message or whatever?

                            A 2 Replies Last reply Reply Quote 0
                            • A
                              Antibiotic @viragomann
                              last edited by

                              @viragomann Sorry my friend, after 2 days of fighting with VPN, removed all. Could be next time try again but now my nervous system is become too weak))))) Anyway thanks a lot to try assist me and spent your time.

                              pfSense plus 24.11 on Topton mini PC
                              CPU: Intel N100
                              NIC: Intel i-226v 4 pcs
                              RAM : 16 GB DDR5
                              Disk: 128 GB NVMe
                              Brgds, Archi

                              GertjanG 1 Reply Last reply Reply Quote 0
                              • GertjanG
                                Gertjan @Antibiotic
                                last edited by Gertjan

                                @Antibiotic said in OpenVPN client assistance:

                                but now my nervous system

                                Check this one - the whole story.

                                Now I write down what I think :

                                DNS is worth $$$
                                And who has access to : Your real IP and your DNS data ? and keep in mind that combination of the two make the data even more valuable ?
                                Right.
                                I thinks these *****VPN supplier really start to think lately about how to make the max out of it.
                                And thinks get even better : you pay them .... or, when you read the thread above, one might ask : why don't they pay me ? or you ?

                                Why would they do all this ?
                                Simple. if I or you were working for them, I (we) would do exactly that : DNS interception.

                                Again, me just thinking, right ^^

                                No "help me" PM's please. Use the forum, the community will thank you.
                                Edit : and where are the logs ??

                                A 1 Reply Last reply Reply Quote 0
                                • A
                                  Antibiotic @Gertjan
                                  last edited by

                                  @Gertjan I'm apologizing for this, but what the point of this message? Do not use any VPN services?

                                  pfSense plus 24.11 on Topton mini PC
                                  CPU: Intel N100
                                  NIC: Intel i-226v 4 pcs
                                  RAM : 16 GB DDR5
                                  Disk: 128 GB NVMe
                                  Brgds, Archi

                                  GertjanG 1 Reply Last reply Reply Quote 0
                                  • GertjanG
                                    Gertjan @Antibiotic
                                    last edited by

                                    @Antibiotic said in OpenVPN client assistance:

                                    Do not use any VPN services?

                                    There is no definite yes or no answer.
                                    You can use what you want. Just keep the list with pro and cons updated. When you use a "thing", you have to control and understand that thing.
                                    Is it worth it ? Or not ? Up to you.

                                    No "help me" PM's please. Use the forum, the community will thank you.
                                    Edit : and where are the logs ??

                                    A 1 Reply Last reply Reply Quote 0
                                    • A
                                      Antibiotic @Gertjan
                                      last edited by

                                      @Gertjan How , its possible to control not your own VPN server outside?

                                      pfSense plus 24.11 on Topton mini PC
                                      CPU: Intel N100
                                      NIC: Intel i-226v 4 pcs
                                      RAM : 16 GB DDR5
                                      Disk: 128 GB NVMe
                                      Brgds, Archi

                                      GertjanG 1 Reply Last reply Reply Quote 0
                                      • GertjanG
                                        Gertjan @Antibiotic
                                        last edited by

                                        @Antibiotic

                                        You probably can't, but there is a way to make your question irrelevant.
                                        And it is also what most, if not all VPN ISP want you to do : install their app on your device, activate it - enjoy. Chances are very great you won't have any issues.

                                        The VPN ISPs control the app, as they build it. So, all they have to do make the app as slick as possible for everybody.

                                        Using a "VPN ISP" with your own router firewall is most often not supported, barely tolerated, by most "VPN ISP", as they then also have to support all the versions, all possible settings, write and maintain manuals, etc etc.
                                        Most often, is a "if you manage to get it work, that's great for you - if you don't : don't call us" condition.

                                        If you find something like this "Setup Tutorials > How to set up xprssVPN on pfSense (OpenVPN)" and that page can be found on the site of the VPN ISP itself, and not Instagram or Toktik, and is recently updated (February 14, 2024) then that might say to you that it probably also actually works.
                                        Btw : I'm not endorsing or recommending this VPN, it's just an example.

                                        Something that worked well for me in the past, is actually applying what you've said above :

                                        How , its possible to control not your own VPN server outside?

                                        It's way more easier then you think to make this happening.
                                        Since march 2020, millions if not billions did this : activate you own pfSense OpenVPN server.
                                        Install a OpenVPN 'app' in your smartphone, pad or portable PC.
                                        Now set up the OpenVPN server, use the pfSense blog page for a manual, or the pfSense manual, or one of the (old, yes, but still valid) Youtube Netgate channel OpenVPN videos.
                                        The advantage is two fold : you start to know how things work, as you control both sides = you see the logs on both sides. "Logs" are essentiel here, not optional.
                                        You also now have a secured remote access to your pfSense, and even your LAN's.
                                        When you've seen all this working, you are ready to pick a VPN ISP. Now you have to knowledge to know how to select a good one.
                                        And yeah, the 'price' is a factor, and present, somewhere buried in the list with your criteria.
                                        You know now also that that youtuber that told you that you should use xxxVPN was just payed to tell you this. And I bet he didn't tell you to use it with pfSense, but with your phone or some other personnel hand held device.

                                        No "help me" PM's please. Use the forum, the community will thank you.
                                        Edit : and where are the logs ??

                                        A 1 Reply Last reply Reply Quote 0
                                        • A
                                          Antibiotic @Gertjan
                                          last edited by

                                          @Gertjan First of all, example of ExpressVPN. I don't trust VPN whom belong to KAPE Aliance ,formerly know as Crossrider (the notorious creator of some pernicious data-huffing ad-ware, Crossrider. The UK-based company was cofounded by an ex-Israeli surveillance agent and a billionaire previously convicted of insider trading who was later named in the Panama Papers. It produced software which previously allowed third-party developers to hijack users' browsers via malware injection, redirect traffic to advertisers and slurp up private data). Yea you can create OpenVPN server on pfSense, the point that after pfSesne your traffic anyway will go unencrypted!

                                          pfSense plus 24.11 on Topton mini PC
                                          CPU: Intel N100
                                          NIC: Intel i-226v 4 pcs
                                          RAM : 16 GB DDR5
                                          Disk: 128 GB NVMe
                                          Brgds, Archi

                                          A GertjanG 2 Replies Last reply Reply Quote 0
                                          • A
                                            Antibiotic @Antibiotic
                                            last edited by

                                            @Antibiotic Kape the company used to distribute malware and now is a security company)))) Nonsense

                                            pfSense plus 24.11 on Topton mini PC
                                            CPU: Intel N100
                                            NIC: Intel i-226v 4 pcs
                                            RAM : 16 GB DDR5
                                            Disk: 128 GB NVMe
                                            Brgds, Archi

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.