Netgate Discussion Forum

    VPN PPPOE IP Leak

      sirhc247

      Hi,

      Apologies if this has been discussed before; I have had a look on the forums with no apparent luck. I have also had a lengthy troubleshooting session with Private Internet Access to try and root the issues out, so this forum is my last hope!

      The situation:

      My setup includes routing certain IPs down the VPN tunnel (using Private Internet Access), while the rest just use the normal non-VPN connection. The system is all set up and running fine, apart from certain online IP leak tests resulting in my real IP address being shown on clients using the VPN connection. Note, it is not all websites, just a select few that reveal my actual IP on the devices using the VPN connection.

      After lengthy discussion with PIA I have tried the following: I have flushed DNS on the devices, cleared cache and DNS on browsers, cleared the cache on SQUID, and tried adjusting the VPN server addresses. No luck.

      After all of this one of the technicians at PIA mentioned that "if you need PPPOE for my internet connection, it should only provide the login and password for the internet access and not an actual second path which is why you are seeing a random connection of protected/not protected".

      He then said he cannot offer direct support on what to do.

      Does anyone know how I can resolve the above? Happy to send screenshots of my setup if necessary.

      Thanks a lot for any help.

        Stan464

        Hi

        I tend to Set STATIC VPN Provided DNS Servers to prevent this.

        They are forced via my DNS Server running on Windows Server 2008.

        Have you set STATIC for DNS at all?

          sirhc247

          Hi Stan464,

          Thanks for your response.

          I do have static DNS; I actually use different DNS for VPN-routed and non-VPN traffic.

          In regards to my issues, it turns out that it was SQUID that was leaking my IP address because (according to a wise man at Level1Techs) SQUID essentially ignores certain/all firewall rules. I'm sure there is a more technical way of explaining it but that is what I gathered.

          My current solution is turning squid off.

          My future solution is to set up VLANs so I have Squid and non-VPN traffic on one subnet, and no Squid and VPN traffic on another subnet. Unless others can think of a more effective method?

          Either way, I hope this helps others in a similar situation.

          Thanks for trying to help out though, appreciate it.

            Stan464

            Hi

            Ahhh, Squid! Fair enough, it's unusual it would ignore your predefined rules, considering it would have to use a DNS Server of Sorts to deal with the traffic to begin with.

            I set Static DNS on both the pfSense Box & my DNS Server running on Windows Server 2008 just in case.

            And no worries at all!

            Stan464

            /Closed

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.