PfSense + unRAID BitTorrent + AirVPN = Confusing
-
Those are actually even bigger, but with less information in them! ;)
Anyway can we see the outbound NAT rules screen. That's where it looks like the issue is from what we see on the state table. Unless the 'VPN IP' label was for two different IPs?
If it was then something else is preventing the tracker replying.
Those gateway monitoring values look bad. No way they should be showing 0ms.
Steve
-
Yes, the VPN IP for the inbound traffic was a different IP than the outgoing one, as inbound was on VPN3 (ends with .143) and outbound was on VPN1 (ends with .14).
But i added the outbound NAT table anyway :)
The torrent client sit on the 192.168.1.* subnet. I also have a 192.168.10.* subnet for my remote OpenVPN connections when I am outside my network.
-
Mmm, yeah that looks good. Hard to say why the outbound connection is not working then.
Does other outbound traffic work from the torrent client machine?
Steve
-
I think so. It is an unraid server, with multiple packages ("containers") on it (the torrent client being one of them). Each container has an own IP address and Port to access/be accessed on the network. All containers work without any issues. Also my VM's on the server have an Internet connection.
Even when I remote connect my phone/laptop via OpenVPN, it gets it's 192.168.10.* subnet IP, which is then going out over my secured VPN
-
Then I'd have to guess an issue with the tracker setup. Looks like the port forwards and VPN is all configured correctly at this point.
Steve
-
That was my initial though as well, but I do not know if the tracker setup is something in pfSense (e.g. I forgot to put some rule in or check a certain box, which is why udp tracker traffic is being blocked), or whether it is due to my torrent client not being correctly configured. :o
-
The problem appears to be with the initial http connection from the client to the tracker. Nothing is coming back. Almost like it's using the wrong IP address. Or maybe your public IP is blocked by the tracker.
What error do you see at the client?
Does it work if you configure it to not use the VPN?
This doesn't appear to be an issue with the pfSense setup from what we can see.
Steve
-
From the torrent client side it goes from 'Tracker: Announcement Sent' to 'Tracker: Error - Timeout'. This happens regardless of which tracker I use (I added 10 downloads in the meantime, all of them the same failure). If it goes directly over my non-VPN WAN, I have no issues.
Also, in the past I used to have a download client from AirVPN which opened the VPN tunnel for me (similar to OpenVPN client software). This would also ussually not cause an issue.
Finally, the container was also available in a 'VPN Configuration', where the container directly connects to the VPN network. Again, no issues there (if we can't find a way to solve it, I might just revert the torrent client to a VPN config directly over WAN :P )
-
Ok well I think you;re going to need to confirm the torrent client has any outbound connectivity somehow then.
If you can't run a test from it directly the get a packet capture filtered by it's internal IP on LAN to make sure at least something is coming back to it.
Steve
-
So, I have no idea why it worked, but I installed the VPN version of the client, and it started downloading! I guess the container might be a bit buggy? It's double tunnelled now, so the client makes a VPN connection to the VPN network by using the original VPN tunnels.
This stuff makes my head spin!