Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Traffic through PIA OpenVPN generates firewall logs

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 559 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N Offline
      netnewb
      last edited by

      I have a problem with forwarding torrent traffic from a host through a Private Internet Access OpenVPN tunnel. I've been doing research on this for a while but I can't figure out where my problem is. Traffic seems to flow, but I sometimes get block alerts in the firewall logs for the forwarded ports.

      I've used several guides but mostly this one https://forum.pfsense.org/index.php?topic=72902.0 . Here's what I did so far:

      • created OpenVPN connection to PIA

      • assigned interface to it, PIAOVPN

      • created port forward rule on interface PIAOVPN to host

      • created outbound port forward from torrent host. with tagged traffic so I can block outgoing traffic if PIA connection is down with a floating rule

      • created allow rule on PIAOVPN interface

      • created allow rule on LAN interface for outgoing traffic with PIAOVPN as gateway which seems to work

      • created floating rule to block traffic if openvpn gateway is down

      I'm running deluge with outgoing ports 6891-6899 and incoming 6881-6889. On pFsense I have pfblockerng and snort (disabling it doesn't do anything).

      My problem is that sometimes I get an alert like this one

      Ran pfctl -vvsr and this seems to be the rule that's blocking traffic:

      (1473543312) block drop in log quick on openvpn inet all label "USER_RULE"
      

      The thing is, downloads and uploads seem to work just fine, so I don't understand what's with the alerts. Any help is appreciated.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.