Routing PIA VPN to select devices on LAN

cobrahead

Got it. I have learned a lot over the last week. :D

The only thing that is not working now is stopping and re-starting the OpenVPN service. Some change(s) I made today have caused a full reboot to be necessary in order to restart OpenVPN if it goes down.

mauroman33

You could try to install Service_Watchdog from System->Package Manager->Available Packages

Then in Services->Service Watchdog->Add you can select the OpenVPN client that you're using

cobrahead

@mauroman33:

You could try to install Service_Watchdog from System->Package Manager->Available Packages

Then in Services->Service Watchdog->Add you can select the OpenVPN client that you're using

I added it and set it up. No luck though. When I manually stop OpenVPN I cannot get it to restart, without rebooting pfSense.

mauroman33

After a failed attempt, did you try to check on Status-> System Logs-> OpenVPN?

cobrahead

@mauroman33:

After a failed attempt, did you try to check on Status-> System Logs-> OpenVPN?

This is what I get after I manually shut it down and try to re-start it.

Aug 16 16:55:11 openvpn 29537 RESOLVE: Cannot resolve host address: swiss.privateinternetaccess.com: hostname nor servname provided, or not known

mauroman33

It seems there is a problem with DNS.
Sometimes it happened in my system also, so I added the unbound service in Service Watchdog and the problem has not more occurred.
Actually right now there is only the unbound service in my Service Watchdog.

cobrahead

@mauroman33:

It seems there is a problem with DNS.
Sometimes it happened in my system also, so I added the unbound service in Service Watchdog and the problem has not more occurred.
Actually right now there is only the unbound service in my Service Watchdog.

I added the unbound DNS resolver.

After I reboot pfSense I get this in the DNS Resolver Sytem Log:
Aug 16 17:44:13 unbound 32313:0 notice: init module 0: validator
Aug 16 17:44:13 unbound 32313:0 notice: init module 1: iterator
Aug 16 17:44:13 unbound 32313:0 info: start of service (unbound 1.5.9).

Then, after I take down OpenVPN and try to re-start I get this for a full page:
Aug 16 17:49:54 unbound 28726:2 error: can't bind socket: Can't assign requested address for 10.133.1.6

Watchdog.png_thumb

mauroman33

I don't know what the problem is, it would take someone with more experience.
Meanwhile you could try to add some DNS servers in System->General Setup and to check the DNS Resolver setting.
I'll show you mine.
Don't take care of the "Custom options" field content, because it's related to pfBlocker.

General_Setup.png_thumb
![DNS Resolver.png](/public/imported_attachments/1/DNS Resolver.png)
![DNS Resolver.png_thumb](/public/imported_attachments/1/DNS Resolver.png_thumb)

cobrahead

@mauroman33:

I don't know what the problem is, it would take someone with more experience.
Meanwhile you could try to add some DNS servers in System->General Setup and to check the DNS Resolver setting.
I'll show you mine.
Don't take care of the "Custom options" field content, because it's related to pfBlocker.

That was it. I added 8.8.8.8 and 8.8.4.4 and it works. Look at my DNS Resolver settings, they appear to be a little different than yours, would you change anything?

@johnpoz:

Post up your rules and we can discuss, etc.

@pf3000:

Now that you have a working VPN connection, you can do this

Thanks again! … to everyone that helped me get this setup!

![resolver settings.png](/public/imported_attachments/1/resolver settings.png)
![resolver settings.png_thumb](/public/imported_attachments/1/resolver settings.png_thumb)

mauroman33

Glad to help you! I don't think you need to change anything.