Multiple NordVPN profiles problems
-
Hi Experts,
I have configured NordVPN on pfsense without any problems for one profile and everything works.
But I wish to have a group of devices go through one profile, and a different group go through another profile.
For example :
device1,2 -> UK (destination/profile 1)
device2,3 -> France (destination/profile 2)The nordvpn servers push the following to clients with bold the same for all profiles :
PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,explicit-exit-notify,comp-lzo no,route-gateway 10.100.0.1,topology subnet,ping 60,ping-restart 180,ifconfig 10.100.0.2 255.255.255.0,peer-id 8,cipher AES-256-CBC'I think I need to split up the subnets for each destination, and I have done this via some custom options :
UK : Assigning local subnet 10.1.10.2- pull-filter ignore ifconfig;
- ifconfig 10.1.10.2 255.255.255.0;
France : Assigning local subnet 10.1.11.2
- pull-filter ignore ifconfig;
- ifconfig 10.1.11.2 255.255.255.0;
This has the desired effect of starting each profile on it's own subnet (after specifying subnets in the OVPN profiles also : IPV4 Tunnel Network : 10.1.10.0/24 & 10.1.11.0/24)
I know the server on NordVPN's side are still expecting data on 10.100.0.1, so how do I map the individual subnet to each server?
I've tried specifying "route-gateway 10.1.10.1" but no luck.Hopefully one of you guru's can provide some direction/solutions on what the best way to do this is?
Maybe I don't even need multiple subnets?
I have seen posts make reference to users having done this successfully, but no-one seems to have posted their solution unfortunately.
Thx! -
Sorry, not an answer, just a suggestion.
Read this. At first, you'll say : this is not related to my question. But read until the end, and do your own tests. -
@MadMaxster When I set up multiple clients using surfshark I copied the original client, edited the "Server host or address" of the new client, changed the description to reflect the new server, then proceed to the interfaces to turn it on. The problem which comes around occassionally is the interefaces when they restart up end up with the same ip. I just restart one of them to correct.
-
@Gertjan - Thanks for responding and the suggestion - it's a long thread so will take me some time to process!
-
@The-Party-of-Hell-No - thanks for your input
This is what I have :
Servers are setup but the problem is that both servers 'PUSH' the same ifconfig and route-gateway numbers, so they clash when both are on simultaneously.
I can filter and redefine them to be on separate subnets but I don't get web as the server for each one is still on 10.100.0.1 and not on the subnets (10.1.10.1 and 10.1.11.1)Have you split your multiple simultaneous profile connections over separate subnets?
I think I'm missing either a key openvpn client command I'm not aware of to redirect the gateway to be a specified ip, or another different way of doing this completely.
Again - thanks for any advice or pointers you can give!