Route Traffic via VPN
-
Yes, it is possible.
Set up the OpenVPN server on pfSense and check the redirect gateway function.
Scroll down to "Redirect IPv4 Gateway" or "Redirect IPv6 Gateway". Check the appropriate box for IPv4 and/or IPv6.
Reconnect on the client side.
You can check if it works by using traceroute on the client side.
Hope it helps
Dabbelju
-
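Added example, not part of the original post and not pfSense or OpenVPN project code: besides traceroute, the OpenVPN client log shows whether the server pushed a default-route redirect. The sketch assumes the "Redirect IPv4 Gateway" checkbox results in a pushed `redirect-gateway` option; `triage`, `verdict` and the sample log are constructed for illustration.

```python
import re

# Constructed sample client log in OpenVPN 2.5 format; addresses are
# documentation/private ranges, not values from the thread.
SAMPLE_LOG = """\
Thu Feb 11 09:57:16 2021 WARNING: Compression for receiving enabled.
Thu Feb 11 09:58:39 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Feb 11 09:58:39 2021 TLS Error: TLS handshake failed
Thu Feb 11 09:58:39 2021 SIGUSR1[soft,tls-error] received, process restarting
Thu Feb 11 10:02:03 2021 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route-gateway 10.0.8.1,topology subnet,ifconfig 10.0.8.2 255.255.255.0'
Thu Feb 11 10:02:08 2021 Initialization Sequence Completed
"""

PUSH_RE = re.compile(r"PUSH: Received control message: '(PUSH_REPLY[^']*)'")


def triage(log_text):
    """Summarise the most recent connection attempt in a client log."""
    r = {"tls_failures": 0, "compression_warning": False,
         "connected": False, "redirect_gateway": False, "routes": []}
    for line in log_text.splitlines():
        if "Compression for receiving enabled" in line:
            r["compression_warning"] = True
        elif "TLS handshake failed" in line:
            r["tls_failures"] += 1
        elif "process restarting" in line:
            # A restart ends the session: forget its tunnel state.
            r.update(connected=False, redirect_gateway=False, routes=[])
        elif "Initialization Sequence Completed" in line:
            r["connected"] = True
        else:
            m = PUSH_RE.search(line)
            if m:
                # Only pushed options are inspected, not the local client config.
                opts = m.group(1).split(",")[1:]
                r["redirect_gateway"] = any(
                    o.startswith("redirect-gateway") for o in opts)
                r["routes"] = [o[6:] for o in opts if o.startswith("route ")]
    return r


def verdict(r):
    """Map the summary to what it means for Internet-bound traffic."""
    if not r["connected"]:
        return "not connected"
    return "full tunnel" if r["redirect_gateway"] else "split tunnel"


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    print(summary, verdict(summary))
```

With a `split tunnel` verdict only the listed routes go through the VPN, so a public-IP check still shows the client's own address; with `full tunnel` it shows the VPN server's WAN address.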
@dabbelju007 Any user guide I can follow?
-
I followed this guide.
https://stefanrows.medium.com/configure-openvpn-for-pfsense-2-4-the-complete-guide-64edc7278462
Thu Feb 11 09:57:16 2021 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Thu Feb 11 09:57:16 2021 OpenVPN 2.5.0 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 28 2020
Thu Feb 11 09:57:16 2021 Windows version 10.0 (Windows 10 or greater) 64bit
Thu Feb 11 09:57:16 2021 library versions: OpenSSL 1.1.1h 22 Sep 2020, LZO 2.10
Thu Feb 11 09:57:39 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]27.122.12.236:50743
Thu Feb 11 09:57:39 2021 UDPv4 link local (bound): [AF_INET][undef]:0
Thu Feb 11 09:57:39 2021 UDPv4 link remote: [AF_INET]27.122.12.236:50743
Thu Feb 11 09:58:39 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Feb 11 09:58:39 2021 TLS Error: TLS handshake failed
This is the error log.
-
I deleted the previous configuration and now it works.
Questions:
How do I ensure my traffic is encrypted to the Internet?
I tried to check who ip but it shows my Internet IP address.
-
Thu Feb 11 11:49:45 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Feb 11 11:49:45 2021 TLS Error: TLS handshake failed
Thu Feb 11 11:49:45 2021 SIGUSR1[soft,tls-error] received, process restarting
Thu Feb 11 11:49:55 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]175.144.174.251:51734
Thu Feb 11 11:49:55 2021 UDPv4 link local (bound): [AF_INET][undef]:0
Thu Feb 11 11:49:55 2021 UDPv4 link remote: [AF_INET]175.144.174.251:51734
I could not reconnect after disconnect. Don't know why.
-
@peter_apiit Are you using a commercial VPN provider? (NordVPN, Mullvad, Pure, PIA etc?) If so which one?
-
@griffo I am not using any commercial VPN provider.
I reinstalled OpenVPN and connected successfully.
Questions:
How do I ensure my traffic is encrypted to the Internet?
I tried to check who ip but it shows my Internet IP address.
-
@peter_apiit That guide is to set up OpenVPN as a server so you can VPN into your network over the Internet.
It sounds like you want to send all your outbound Internet traffic down a VPN, which means you need to set up pfSense as a client connecting to a VPN provider.
-
@griffo Is it possible to set up pfSense as server + client so that I can route all my traffic via the tunnel network?
If yes, any guide?
-
@peter_apiit Route it to where? Do you have a second site you want to use as the main internet exit point? e.g.
https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-route-internet-traffic.html
Or do you want to hide all your internet traffic from whoever and use a commercial VPN provider?
https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-client.html shows the general setup but you need to replace WireGuard with OpenVPN
-
@griffo said in Route Traffic via VPN:
https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-client.html
The second choice is what I want. To route all outbound traffic to my VPN provider.