Outbound PIA, Inbound OVPN Server - how to get both working at same time?
-
Hi Guys,
I've been through every flavour of software firewalls that I can think of and pfSense beats them all for my purposes hands down.
Anyway, I've got an outbound OpenVPN client configured for Private Internet Access - this works good!
I've also got an inbound OpenVPN server configured so I can remote to my LAN from Work. This also works good!
The problem is, I can't get both working at the same time. As soon as the PIA connection is up, my openvpn server isn't listening on the WAN IP (I assume it's listening on the PIA Outbound IP).
Anyway, I'm guessing it has something to do with either firewall rules or NAT, however, I've turned a bunch of stuff on, allowed logging, and I still can't see where the issue is (note: I've undone all the changes for security reasons).
Can anyone help me out or point me in the right direction?
-
Hello.
You should do some reading on "selective vpn".
I have VPN from PIA but only route 3 or 4 devices through the VPN. This way I can connect to my OpenVPN server from work on my WAN IP.
-
The outbound routing through PIA is OK though - it's getting both to work at the same time that's the issue?
I actually want everything on the LAN side to travel outwards via PIA - not selecting specific devices.
Wouldn't your suggestion only be for specific devices?
-
Yes, I suggest VPN only for specific devices, or at least bypass your openvpn server port from the VPN.
If not, you have to open a port on PIA and redirect it to your VPN server port (advanced): https://www.privateinternetaccess.com/forum/discussion/23431/new-pia-port-forwarding-api
-
Thanks mate..
I looked into the port forwarding via vpn and that doesn't suit my needs..
I'm happy to bypass the openvpn server from the vpn - just not sure how to do it?
Can you draw me a mud map?
-
Hello.
You have to create a firewall rule on your openvpn port.
Go to Firewall -> Rules
Interface: LAN
Address Family: IPv4
Protocol: TCP/UDP
Source: Any
Destination: Any
Destination Port Range: your openvpn port
Advanced Options -> scroll down to "Gateway" and select WAN
Save
This is not how I do it, but I think it should work.
Try connecting on your WAN IP.
-
I have the exact same problem. Do I have to alternate anything in the outbound tab except from the rules above?
I can't for the life of me get to use both client and server at the same time!
Many thanks!
-
You could try the above rule on your PIA interface.
If not, I would configure VPN -> OpenVPN -> Clients "Don't pull routes"
and then add firewall rules for the devices you want to use the VPN.
-
Thanks for your answer.
The only working solution for me was to downgrade to 2.3.5 and install everything from scratch. Since then everything's working fine.
The "don't pull routes" option under the PIA client configuration was stopping the PIA encryption completely (I was getting my ISP's IP) while remote access was working OK. Therefore, it was essentially like if I was disabling the client.
-
That is what "don't pull routes" does.
You then have to set up rules on LAN to push devices and ports you want out the VPN interface.
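
The interaction discussed in the last few posts, as an added example that is not from any poster and is not pfSense code: a small model of first-match LAN rules with an optional gateway on top of a longest-prefix routing table, used to list which LAN hosts would exit via the ISP rather than the VPN. The interface names, the addresses and the two /1 routes standing in for the provider's pulled routes are assumptions.

```python
import ipaddress

# Constructed model for illustration; not pfSense code. Interface names,
# addresses and the two /1 routes are assumptions, not values from the thread.
WAN_ONLY = [("0.0.0.0/0", "WAN")]
PULLED = WAN_ONLY + [("0.0.0.0/1", "PIA"), ("128.0.0.0/1", "PIA")]

# LAN rules are evaluated top-down; gateway=None means "use the routing table".
ALLOW_ALL = [{"source": "192.168.1.0/24", "gateway": None}]
SELECTIVE = [{"source": "192.168.1.50/32", "gateway": "PIA"}] + ALLOW_ALL


def route_lookup(table, dst):
    """Longest-prefix match over (network, interface) pairs."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(n), ifc) for n, ifc in table]
    hits = [(net, ifc) for net, ifc in nets if addr in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1]


def egress(rules, table, src, dst):
    """Interface a LAN packet leaves on, or None if no rule passes it."""
    for rule in rules:
        if ipaddress.ip_address(src) in ipaddress.ip_network(rule["source"]):
            return rule["gateway"] or route_lookup(table, dst)
    return None


def leaking_hosts(rules, table, hosts, dst="198.51.100.20"):
    """Hosts whose traffic to dst would exit via the ISP instead of the VPN."""
    return [h for h in hosts if egress(rules, table, h, dst) == "WAN"]


if __name__ == "__main__":
    hosts = ["192.168.1.10", "192.168.1.50"]
    for name, rules, table in [
        ("routes pulled, allow-all rule", ALLOW_ALL, PULLED),
        ("don't pull routes, allow-all rule", ALLOW_ALL, WAN_ONLY),
        ("don't pull routes, selective rule", SELECTIVE, WAN_ONLY),
    ]:
        print(f"{name}: leaking = {leaking_hosts(rules, table, hosts)}")
```

The middle case reproduces the "I was getting my ISP's IP" outcome: with no pulled routes and no gateway on the LAN rule, every host falls through to the WAN default route.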