pfSense / PIA VPN / DNS Issues



  • I've been running pfSense with a PIA VPN client for almost a year now.  I've set it up so only some of the LAN traffic will use the VPN client gateway.  Recently (about 3 months ago) my internet will randomly go down.  At first I tried to fix it by resetting pfSense, but that usually didn't fix the problem.  I had to reboot the cable modem.

    Last week I started with a completely fresh installation of pfSense and built it again from scratch thinking maybe it's an issue with one of the settings I have on the router.  That didn't fix it.

    I'm wondering if anyone on here has some insight or recommendations on where I even begin troubleshooting this.  I have to reboot the cable modem on average every 24-48 hours and it's getting annoying.

    More description about my setup:

    • Started with base connection to WAN from pfSense.  Set the DNS servers to those provided by PIA VPN.
    • Set up PIA VPN from directions taken from these forums and from the PIA support page.  This routed all my traffic through VPN.
    • Modified gateways so that only a select few IPs' traffic was routed through VPN gateway.
    • Running on a simple Intel-based PC, 4GB RAM, Intel Dual gigabit Eth card.

    More description about issues:

    • Whenever I lose internet, all browsers will say they can't find DNS
    • As described in setup, I have the DNSs set to the VPN DNS addresses.  However when I go back to 'General Setup' page, the Google DNSs are listed.  When everything works and I do a DNS leak test, it confirms it is using the VPN DNSs on both WAN/VPN interfaces.  Not sure why it is displaying the Google DNSs.
    • Gateway status shows the WAN gateway is working, but the VPN gateway is down.  However the VPN status shows that it is still up.

    TIA!



  • Hey Mudd,

    What troubleshooting steps have you done besides reinstalling and rebooting? Have you eliminated PIA for a while to see if everything works fine? Have you eliminated pfSense from the picture to make sure your ISP is fine? If you believe DNS is the issue, check these two posts out:

    https://forum.pfsense.org/index.php?topic=105194.0
    https://forum.pfsense.org/index.php?topic=76015.msg474246#msg474246

    U3



  • I'll try that throughout the next couple days.  Thanks for those links, I'll comb through them and see if there is something I haven't tried.

    I've already shut down the VPN gateway/interface/rules.

    An observation I've noticed is under System -> General Setup, if I set up the router to use Google DNSs for the WAN interface and do a leak test, I'm still getting my ISP's DNS.  Any clue why this is still happening?



  • So I've had the VPN settings turned off and disconnected for about a week.  I'm still having occasional disconnection issues.  At this point I have a basic pfSense setup with only a port forwarded for Plex.  The only thing to try now is take pfSense out of the setup, which would then tell me that there was a software update along the way that doesn't agree with my HW since I'm guessing not everyone is having this issue.

    Going through my router the only other differences are I have DHCP static mappings and I turned DNS resolver off and DNS forwarder on.



  • What is your current version of pfSense? Can you post system logs?



  • I am running the latest stable release.  Can't remember off the top of my head what version it was (2.3.2?) but this issue has been happening for a while.  If I had to guess, it may have been around the time I upgraded to 2.3?

    You probably want sys logs after it disconnects, right?  I've taken pfSense out of the connection at the moment.  I had 3 eeros connected to pfSense in bridge mode, so this gave me a chance to check out their router features as I've only ever used them as APs.  When I get some extra time I'll connect it to network and try to get some logs.