OpenVPN: Hulu and Pandora

_Adrian_

Looking to use OpenVPN to get an US based IP so i can use the aforementioned services, while my regular connection does exactly the same as it does now.

What are my options ?

cmb

There are numerous VPN service providers where you can get such a connection. I don't have first hand experience with long term use of any of them, others here have posted on them. Find some, Google "providername site:forum.pfsense.org", and you'll find experiences on most all of them, and howtos for several. The key for the type of setup you're after is putting route-nopull in as a custom option so you don't get any routes they want to send you, create an alias with Hulu and Pandora's IP blocks, and policy route traffic destined to that alias out the VPN.

_Adrian_

I've signed up with private tunnel but i dont think its the right service for my needs.

Basicly what i'm trying to achieve is to route all hulu and pandora requests to OpenVPN and the rest of the traffic routed on my regular IP.

cmb

Private Tunnel should work fine for what you're looking to do. I'm not sure how they handle routing, guessing they may push you a default gateway like most of them do, which is why you need the "route-nopull" custom option to ignore their routes. Then assign that OpenVPN client instance as an interface under Interfaces>assign, add an alias that contains the IP subnets for Hulu and Pandora, and add a rule on LAN to send anything destined to that alias out the OpenVPN gateway.

_Adrian_

My Wife and Daughter are huge into music and Me along with my son are into movies and TV shows…

So Pandora for the wifey and my daughter, and HULU will be for me and the kiddo

_Adrian_

OK
For a CA I had to use the file the PrivateTunnel server generated certificate.

I had to go to System/Cert Manager -> Add New CA -> copy and paste info from server generated CA into Certificate Data field, add a Descriptive Name ( I named it PrivateTunnel.com ) for the certificate and hit Save. Then went to Wizzard -> Followed instructions on pfSense Document for OpenVPN:

Protocol: UDP
Local port: 1194
Address pool: 192.168.1.0/24 (It should be an address range that you ''DONT'' currently use.)
Local Network: x.x.x.x/24 ( The network is that you want the VPN client to connect to)
Remote Network: blank
Cryptography: BF-CBC (128 bit) - or use what you want
Authentication Method: PKI

However…
this is the log snip:
Apr 16 15:57:47    openvpn[19051]: OpenVPN 2.2.0 i386-portbld-freebsd8.1 [SSL] [LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Aug 11 2011
Apr 16 15:57:47    openvpn[19051]: NOTE: the current –script-security setting may allow this configuration to call user-defined scripts
Apr 16 15:57:47    openvpn[19051]: Cannot load CA certificate file /var/etc/openvpn/server2.ca path (null) (SSL_CTX_load_verify_locations) (OpenSSL)
Apr 16 15:57:47    openvpn[19051]: Exiting

Any insight ???

cmb

You don't use the wizard to connect to someone else's server. You'll have to import their CA cert, the user cert and key they give you, and then configure a client (VPN>OpenVPN, Client) to connect to them with the parameters they provide.

_Adrian_

@cmb:

You don't use the wizard to connect to someone else's server. You'll have to import their CA cert, the user cert and key they give you, and then configure a client (VPN>OpenVPN, Client) to connect to them with the parameters they provide.

I did use the Cert issued by the PrivateTunnel and set it up according to the instructions given by them.
I never set up OpenVPN or used it before.
So for me its like stumbling in the dark…
Thats why im here !