OpenVPN / VyprVPN Interface for Torrents
-
Here is my current setup:
PFSense 2.3.2-RELEASE-p1
4-Port LAN
EM0 - WAN
EM1 - LAN
EM2 - Down
EM3 - DownMy Intentions are to use a 2nd NIC in my PC cabled to the EM3 port, and then EM3 will be bridged to the OpenVPN. In this way, all of my Torrent Traffic (uTorrnt bound to 2nd NIC in my PC) will go thru VyprVPN.
So far I believe I have OpenVPN/VyprVPN setup correctly:
The issue being, beyond that, I can't seem to figure out the remainder. I've been muddling around with it for a few days, setting up an interface for VyprVPN, and for EM3, but no matter my mix of Firewall and Bridge attempts, I cannot get anything working.
How to I configure my PC's 2nd NIC - Will it be static, and if so, how to I configure another vlan on PFSense for this 2nd LAN.
Anyway, some help would be greatly appreciated.
-
Has no one any suggestions or helpful directions they can offer?
-DGCupit
-
I would recommend rethinking your architecture.
You are most likely going to have leaks with the way your currently planning on setting this up.
For what you are trying to accomplish you really want the entire computer going through the VPN for internet access.
You can use policy based routing to route this computers traffic through the VPN and have everything else in your network go out the WAN.
If I were trying to set something like this up myself I would do the following.
1. Get the VPN running on pfSense and configure it so all of your traffic goes through the VPN.
2. Determine which clients on your LAN don't like the VPN. For example, I would guess Rokus for streaming netflix and amazon prime won't like the VPN too much.
3. Use policy based routing to route the traffic for the IPs associated with the Clients that do not like the VPN to use the WAN instead. Use aliases for this to make it easier.
4. Build a VM that you will dedicate for torrents. I would probably snap shot it after you have it built but before you you start up any torrents. If your machine gets infected, which it probably will, you can revert to the snapshot. You can use your extra NIC and dedicate it to this VM. However I don't think that is really necessary.
If the VPN service is any good your only bottle neck is going to be the hardware you are running pfSense on and your internet connection speed.
You can dig around the forum for posts on policy based routing which give you the steps you need to set that up. I don't have time right this second to search and post the links myself. Though I have this one book marked because I've posted to this thread in the past.
https://forum.pfsense.org/index.php?topic=76015.0
-
You're probably right. I may make it even simpler and just install the client directly onto a dedicated VM, that way the VMPC itself will just tunnel out and I don't have to deal with getting it all working in PFSense, routing, etc.
Thanks for the suggestions.