ip leak, DNS? Using PIA Clueless.
-
I'm relatively new to this and I will explain as best as I can. I set this up using a combination of this YouTube video(https://youtu.be/ov-xddVpxhc) anf the info on the PIA website(https://www.privateinternetaccess.com/helpdesk/guides/routers/pfsense/pfsense-2-4-3-setup-guide).
I did upgrade to 2.4.4. a few months later. This may have been where the problem started. It was after that I was having trouble with local sites.I'm running PFsense 2.4.4 and using PIA as a client in OpenVPN.
In General setup system is: localdomain
I using the PIA DNS servers (209.222.18.222 and 209.222.18.218).
When i google whats my IP im getting a location in the middle of nowhere when I'm using a NYC server.
Furthermore I cant get on certain local websites like my electric company unless i use google name servers on my laptop (which bypasses the vpn). Could I have set this up wrong?
Frankly I'm amazed that I actually got this working(sort of)with the technical knowledge I have (or lack,lol). I could look up or screenshot my settings if it will help.
Any help would be appreciated. -
i believe with just about any provider that is normal.
my banking websites go bonkers when i login using a vpn provider. that is just part of it. and in all honestly i would be thankful they are detecting a strange connection to your service
so just to be clear. you can browse websites normally. it is just banking/ your electric company you are having login issues with?
-
I created a rule for some devices to bypass the VPN. Even those cant get on those sites.
I tried to get help from PIA, they said it was the settings in the router. -
So when you say you are using the PIA DNS servers (209.222.18.222 and 209.222.18.218), what did you do to set that up? Did you configure the forwarder in pfsense to use those DNS servers?
-
@mhertzfeld No. How do i do that?
-
@edwardnizz still haven't resolved my situation. Would appreciate some help.
-
You have not provided enough info to help you to be honest..
Out of the box pfsense resolves, so you setting your vpn services dns wouldn't do anything. Unless you enabled forwarder mode in the pfsense resolver, or changed over to forwarder. Or set those on your actual client behind pfsense.
The nonsense guides from those vpn services have all your traffic going through them vs setting up policy routing.. So unless you told pfsense not to pull routes, and setup policy routing correctly.. Its quite possible your still going out the vpn... Which yeah your bank and stuff will prob scream about..
As to getting help from PIA - yeah good luck with that from the few threads seen around here about their help.. You prob be better off just rando clicking shit :) hehehehehe
If your doing policy routing for a client and it shows a vpn IP when you google whats my ip vs your actual wan ISP ip then your policy routing is not working!
-
@johnpoz well you didn't provide any insight either. Just alot of technical mumbo jumbo that you know i dont understand.
I could just try from scratch or pay for support. Im willing to pay if anyone knows a good pay support site familiar with PFsense. -
@edwardnizz said in ip leak, DNS? Using PIA Clueless.:
Im willing to pay if anyone knows a good pay support site familiar with PFsense.
https://www.netgate.com/support/ you won't get better support than there.
-
Well if you don't understand a techo term - then LOOK IT UP!!
You are paying PIA - have them help you!
Just at a loss to how people with no understanding of how this stuff works - are convinced they actually need a vpn to hide that they go the internet from from their own ISP. Then when shit doesn't work they don't get it why...
-
@johnpoz you dont know me or what kind of time i have available to me.
I dont want to argue abd i dont spend hours in front of a computer.
If someone wants to get paid though whatever, there more then welcome to set a time where we coud go over this and sort it out.
Im just trying to solve my problem and thats all im saying about this today. -
post some screen shots of the following
System\General Setup (specifically the DNS settings)
Services\DNS Forwarder
Services\DNS Resolver
Services\DHCP Server -
Thanks mhertzfeld! Here's what I got,
login-to-view
login-to-view login-to-view login-to-view
login-to-view
login-to-view
There's also a list of static mappings on the bottom of the DCHP Server page. -
under dns resolver. disabled dnssec. PIA doesn't support this.
then enable forwarding mode right below it. see if that clears anything up
-
@bcruze ok on the android device, using the chrome browser, I did get a NY area IP after the adjustment. I have no clue how that relates to DNS, but hey, its a win. Thanks!
However, and this is strange, but my laptop (which bypasses the VPN using a bypass rule) still cant connect to the local utility company. Even when i disable the bypass rule. I still dont connect.
I did do a workaround by setting up my ip4 settings in my laptop to use "Google " DNS servers 8888 and 8844. That seems to work.Also all my android devices use the vpn. All my pc's are bypassed with aliases. When i checked the laptop i disabled the bypass rule and checked the other pc's as well. When disabled they did show PIA's server instead of my isp's. And when i enabled the rule it showed my real ip as it should.
-
@edwardnizz
http://dnsleak.com/That will tell you if you are using their tunnel and dns
-
Unless you are using the PIA DNS Servers for a reason I would recommend either setting all your DNS settings back to the defaults or follow the guide below to setup DNS over TLS.
https://forum.netgate.com/topic/139771/setup-dns-over-tls-on-pfsense-2-4-4-p2-guide/2
-
I was just following there tutorial. I diddnt know if i had to use there DNS.
Furthermore they never updated there tutorial to the new version.