Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [solved] VPN Tunnel via PIA seems not to be working.

    Scheduled Pinned Locked Moved OpenVPN
    pia routing
    20 Posts 2 Posters 2.8k Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V Offline
      viragomann
      last edited by

      Check out your public IP, e.g. here: https://whatismyipaddress.com

      1 Reply Last reply Reply Quote 0
      • S Offline
        stig.joergensen
        last edited by

        Yes, and thats what i do - but i get connection timeout when the outbound nat rule is using the VPN interface - but if i change that to use the external interface, then it works as expected.

        Which is why i dont think the tunnel is working, even though it states it up.

        1 Reply Last reply Reply Quote 0
        • V Offline
          viragomann
          last edited by

          I guess it's on the policy routing rule. Have you configured it?
          Post a screenshot.

          Which PIA do you use? The interface assignments screenshot shows two, but only one has an interface assigned.

          S 1 Reply Last reply Reply Quote 0
          • S Offline
            stig.joergensen
            last edited by

            That might be what i have missed, i cant recall anything about policy routing, will check when i get home.

            Im using the California one (i made two, to see if it was the server end that had an issue - with different server addresses, but same settings)

            Will post once i get home to check up on this.

            Thanks.

            1 Reply Last reply Reply Quote 0
            • S Offline
              stig.joergensen @viragomann
              last edited by

              @viragomann said in VPN Tunnel via PIA seems not to be working.:

              I guess it's on the policy routing rule. Have you configured it?

              Ehhh, where do i find these policy routing rules?

              Under firewall/rules or ?

              1 Reply Last reply Reply Quote 0
              • V Offline
                viragomann @viragomann
                last edited by

                @stig-joergensen said in VPN Tunnel via PIA seems not to be working.:

                Ehhh, where do i find these policy routing rules?

                @viragomann said in VPN Tunnel via PIA seems not to be working.:

                For policy routing you have to add a firewall rule or edit an existing one, open the Advanced Options, go down to the gateway section and select the particular gateway you want. For PIA select OPT2 here.

                1 Reply Last reply Reply Quote 0
                • S Offline
                  stig.joergensen
                  last edited by

                  but PIA or OTP2 dont have a gateway

                  bcadf0bb-1db2-483d-9fe1-4889d522e10f-image.png

                  There is only the external gateway defined here:
                  b5232ae6-da01-42ba-a68f-04ce94e4efc4-image.png

                  and i cannot edit the interface OPT2 (otherwise i would have renamed it) due to Chrome autofill

                  4bc6ff65-19be-49e6-a588-1e21628bd090-image.png

                  1 Reply Last reply Reply Quote 0
                  • V Offline
                    viragomann
                    last edited by

                    If you assign an interface to the OpenVPN instance and activate it, it will appear.
                    You didn't enable it.

                    1 Reply Last reply Reply Quote 0
                    • S Offline
                      stig.joergensen
                      last edited by

                      Hmm, here is where chrome autofill messes stuff up

                      a35244df-c869-4c4e-8c5f-aa7bc8f75938-image.png

                      The MAC Adress is prefilled with username but clearing this is apperently not enough

                      I think a hidden field exists - will see how i can get chrome to ignore autofill on this page..

                      1 Reply Last reply Reply Quote 0
                      • V Offline
                        viragomann
                        last edited by

                        Never seen this error on OpenVPN interfaces.

                        Maybe it helps if you change the interface assignment to something else the check if the field are filled and delete if, then switch back to the OpenVPN instance.

                        1 Reply Last reply Reply Quote 0
                        • S Offline
                          stig.joergensen
                          last edited by

                          By using guest browsing i was able to make it work:
                          377452b9-ad1f-490c-99e9-38741ee24c08-image.png

                          but sadly it sais gateway offline:

                          4ae24300-878c-4262-b24d-d3dbc88fa252-image.png

                          with this config:
                          5e2a2740-c340-43fe-aff5-150b4b592955-image.png

                          efa7cfd7-cb10-435d-8c57-37c17639c40d-image.png
                          ef70e2bb-16ae-457e-836c-e2229428c92b-image.png

                          V 1 Reply Last reply Reply Quote 0
                          • V Offline
                            viragomann @stig.joergensen
                            last edited by

                            @stig-joergensen said in VPN Tunnel via PIA seems not to be working.:

                            but sadly it sais gateway offline:

                            That means that the gateway address doesn't respond to pings. Maybe the outbound traffic works anyway.

                            1 Reply Last reply Reply Quote 0
                            • S Offline
                              stig.joergensen
                              last edited by

                              Damn, you are right - it does infact work - just not with ping... tracert works just fine - and internet browseing also

                              Thanks a million - i knew i was something very simple...

                              Is their a method where I can change how it discovers if the gateway is up?

                              V 1 Reply Last reply Reply Quote 0
                              • S Offline
                                stig.joergensen
                                last edited by

                                6fd8dc51-88e7-45ad-b254-6e0c68ed93de-image.png

                                is there a way i can mark this as solved?

                                1 Reply Last reply Reply Quote 0
                                • V Offline
                                  viragomann @stig.joergensen
                                  last edited by

                                  @stig-joergensen said in VPN Tunnel via PIA seems not to be working.:

                                  Is their a method where I can change how it discovers if the gateway is up?

                                  You may entering any other public address which responses on ping in the gateway settings at monitoring. System > Routing > Gateways. E.g. 8.8.8.8.
                                  However, I don't know if pfSense automatically routes that over the VPN. So you may test it first. Otherwise you can additionally set a static route.

                                  Marking as solved is only possible by editing the topic manually AFAIK.

                                  1 Reply Last reply Reply Quote 0
                                  • S Offline
                                    stig.joergensen
                                    last edited by

                                    Yep

                                    Setting the monitor IP on the gateway made it green - Happy days :

                                    866af541-d686-4aa8-b6aa-9cdfbfafd3a8-image.png

                                    1 Reply Last reply Reply Quote 0
                                    • S Offline
                                      stig.joergensen
                                      last edited by

                                      And edited the title

                                      Thanks again for all your help and time, Much appreciated

                                      1 Reply Last reply Reply Quote 0
                                      • First post
                                        Last post
                                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.