I need help here. I am hitting the wall. Please help a noob.
-
I followed your suggestions on the NAT outbound.
Dude, you're tweaking mah OCD. :P I'd edit your Descriptions for sanity purposes as in my screenshot. Just two edits. "LAN to ExpressVPN" and "localhost to ExpressVPN"
My apologies to you. I am thinking of taking some Xanax with these pfsense ordeal.
Anyway I am attaching some desktop screenshots.
 -
I finally able to solve my pfsense ordeal. It took me 15 hours to figure everything out. Geolocation blocking is finally fixed. Netflix and Hulu are working but at the moment I can not get access to Amazon website on OpenVPN.
I would like to thank Finger79 and kenjianshi for their resolute support.
I will post some instructions later the day but until I resolve Amazon DNS problem.
-
Yes - It is very odd that netflix would work but not amazon. Its probably a simple fix. We can see after you post your final configuration.
This could be a DNS issue. You might want to find out if your VPN provider has their own dedicated reliable DNS IP and use that.
The problem I have with 8.8.8.8 and 8.8.4.4 is those can connect you to many different servers depending on your location.
In my laptop off the VPN from Manila when I ping 8.8.8.8, its 30ms
When in my vpn I use my remote pfsense LAN IP as my DNS server IP. When I ping that IP, it shows about 250ms. Far away as it should be.
When I ping 8.8.8.8 in the vpn, again over 250ms. So, it is being tunneled properly.
We might want to do that test with you to be sure that the DNS servers you are connecting to are physically in the USA and not close by.
Could be something else though. Not sure. Its strange.
-
I have a question because I have the same dilemma. If I am using 3 OpenVPN connections for my Outgoing DNS Resolver settings I would select all 3 for the Outgoing Interfaces. But, when Unbound is doing the resolving will it send a query out to all 3 Interfaces or only 1?
I also have a Gateway Group that is setup for fail-over purposes for the OpenVPN not sure if that matters as to whether or not Unbound will send a query to all interfaces or just the one that traffic is suppose to be going out at that time.
-
You can check your ExpressVPN IP and DNS here: https://www.expressvpn.com/dns-leak-test
-
Yes - It is very odd that netflix would work but not amazon. Its probably a simple fix. We can see after you post your final configuration.
This could be a DNS issue. You might want to find out if your VPN provider has their own dedicated reliable DNS IP and use that.
The problem I have with 8.8.8.8 and 8.8.4.4 is those can connect you to many different servers depending on your location.
In my laptop off the VPN from Manila when I ping 8.8.8.8, its 30ms
When in my vpn I use my remote pfsense LAN IP as my DNS server IP. When I ping that IP, it shows about 250ms. Far away as it should be.
When I ping 8.8.8.8 in the vpn, again over 250ms. So, it is being tunneled properly.
We might want to do that test with you to be sure that the DNS servers you are connecting to are physically in the USA and not close by.
Could be something else though. Not sure. Its strange.
I talk to my local ISP and bought their decommissioned DNS server ($$$$) on a condition that I have a dedicated US DNS connection.
-
Swatting flies with cannons?
-
I have a question because I have the same dilemma. If I am using 3 OpenVPN connections for my Outgoing DNS Resolver settings I would select all 3 for the Outgoing Interfaces. But, when Unbound is doing the resolving will it send a query out to all 3 Interfaces or only 1?
I also have a Gateway Group that is setup for fail-over purposes for the OpenVPN not sure if that matters as to whether or not Unbound will send a query to all interfaces or just the one that traffic is suppose to be going out at that time.
Unbound sends DNS queries out all interfaces. You can verify this from a DNS Leak tester such as this one: https://www.dnsleaktest.com/ and click on "Extended Test." You'll see the IP addresses for all 3 of your OpenVPN connections.
-
Yes - It is very odd that netflix would work but not amazon. Its probably a simple fix. We can see after you post your final configuration.
This could be a DNS issue. You might want to find out if your VPN provider has their own dedicated reliable DNS IP and use that.
The problem I have with 8.8.8.8 and 8.8.4.4 is those can connect you to many different servers depending on your location.
In my laptop off the VPN from Manila when I ping 8.8.8.8, its 30ms
When in my vpn I use my remote pfsense LAN IP as my DNS server IP. When I ping that IP, it shows about 250ms. Far away as it should be.
When I ping 8.8.8.8 in the vpn, again over 250ms. So, it is being tunneled properly.
We might want to do that test with you to be sure that the DNS servers you are connecting to are physically in the USA and not close by.
Could be something else though. Not sure. Its strange.
He's using unbound for DNS resolution though. The Google 8.8.8.8/8.8.4.4 settings are only used by the pfSense box if the VPN tunnel goes down. No LAN DNS queries should be forwarded to Google DNS.
-
Why should netflix work and amazon not? That is fairly backwards
-
Why should netflix work and amazon not? That is fairly backwards
That's never made sense to me. All else being equal, why would Amazon work when using the Asus router for OpenVPN but Amazon doesn't work when using pfSense for OpenVPN? So weird. lovan6 says the configurations are exactly the same, which means we should expect the same results. shrug