PfSense with OpenVPN Client for Chromecast?
-
Hmm, well I suppose that makes things logically simple but why not just use a single pfSense router with two internal interfaces?
Or just one internal interface and policy routing?
Or just route everything over the VPN as I think the OP wants. ;)
Also do it in a VM! ;D
@Shadoom: Your requirement to use Windows as the VM host, is that absolute?
Steve
-
Because he like me is apparently in possession of DDWRT routers.
But yes - you can do it with one pfsense router with one vlan switch and a configured openvpn interface.
I have VMS here that are clients to a pfsense set up like that (minus the vlan)
It requires less hardware to set up but more know-how.
This way has advantages over using ddwrt in that ddwrt isn't well patched.
pfsense would be more secure.
-
Hmm, well I suppose that makes things logically simple but why not just use a single pfSense router with two internal interfaces?
Or just one internal interface and policy routing?
Or just route everything over the VPN as I think the OP wants. ;)
Also do it in a VM! ;D
@Shadoom: Your requirement to use Windows as the VM host, is that absolute?
Steve
The method Kejianshi posted seems rather advanced and "overkill" for my needs. Althought I thank you deeply for your time and help. I thought about a simpler, smaller solution.
I've seen in this video https://www.youtube.com/watch?v=9E77ZWzN1P4 that he had a internal vSwitch and a external vSwitch on hyper-v. But I'm too inexperienced with pfsense/networking to know if thats the right thing to do with dual nics.Which host would you recommend? Windows is not absolute but I do use the machine for the occasional retro gaming session.
-
My way is the dummy way… haha.
The other way has a smaller hardware footprint and is better if you can configure it correctly.
-
If you're going to use windows you just need to be sure the host OS doesn't have a public IP at all. All traffic from the host OS must go via the pfSense VM which means setting up an virtual interface that exists both for the host and the pfSense VM and disabling the Windows networking protocols on the real NIC which is being passed through to the pfSense VM WAN.
What you're suggesting is certainly do-able in any supported Hypervizor. Since they're all slightly different I would go with whatever you're happiest using.
I wouldn't follow that youtube clip though. You should never add scripts in locations like he does there.
Steve
-
Chromecast is picky. Its not going to like NATing between subnets. You need to keep it and everything associated with it on one subnet.
-
Yep that's true you have to have the Chromecast and whatever device you're controlling it from in the same subnet. That would probably mean both those devices having all their traffic routed over the VPN but I don't think that's a problem for you.
Really the difficult part of what you're suggesting is trying to achieve it in a VM. And that isn't really that difficult if you're familiar with the hypervisor.
Steve
-
I wouldn't use either workstation or player. I'd use ESXI. But thats a dedicated box, so an small hardware appliance is probably better.
-
Yep I'd use ESXi too but that does limit the retro gaming potential. ;) Maybe very very retro games? ;D
Steve
-
I don't get it.. Either put pfsense on a type 1 vm host, or run pfsense direct on it. Or get some hardware for pfsense to run on, etc. Its not like any of these options bust the bank.. A OLD pc will run pfsense just great!!
Not like this poster doesn't have spendable cash with multiple server all over the globe for it seems to circumvent regional restrictions. If not mistaken netflix and stuff just needs dns redirection to by pass most of those - not full blown vpn.
-
I agree that esxi is probably the best solution for it.
But I had hoped for an all in one solution as I'd like to keep devices used and physical space consumed to a minimum. I'll try the method stephen has explained tomorrow when I've found some docs on it. Thank you for that :)
