[Solved] Configure PIA Aliased IPs

reubenb87

Hi everyone, I've been stuck on this for ages.
I've been folllowing:
https://forum.pfsense.org/index.php?topic=142335.0
and
https://forum.pfsense.org/index.php?topic=72902.0

But I just can't get it happening.

I have 2 physical interfaces WAN and LAN, I have managed to get to Status -> OpenVPN as up and it looks like it's given me a proper IP. I've made a new Interface, called PIAVPN but am unsure on Interfaces -> Assignments what it should be assigned to. I have it set to ovpnc2 (PIA OpenVPN), is this my problem? WAN is set to PPPOE(em1) and LAN is set to em0

I've duplicated all the Firewall -> NAT -> Outbound rules for the PIAVPN interface (each WAN rule I duplicated).

In Firewall -> Rules -> LAN I have setup a new rule for PIA VPN passthrew:
Protocol Source         Port         Destination Port     Gateway         Queue          Description

• *                 *         LAN Address 443 80  *                         * Anti-Lockout Rule
  IPv4 * PIA_VPN_IPs *         *                 *     PIAVPN_GW         none PIA VPN Passthrew  
  IPv4 * LAN net         *         *                 *     *                         none Default allow LAN to any rule

But in Firewall -> Rules -> PIAVPN I have also put (maybe incorrectly?):
Protocol Source         Port Destination Port Gateway         Queue
IPv4 * PIA_VPN_IPs * *                 * PIAVPN_GW none

When I hover over PIA_VPN_IPs (the Alias) it correctly says 192.168.1.48 which I want, but from a terminal in that VM "wget -qO- http://ipecho.net/plain ; echo" I get my public IP.

Any hints? I've tried a bunch of things but I either kill WAN access everywhere or just to that VM.

bcruze

try this guide: https://www.privateinternetaccess.com/forum/discussion/29231/tutorial-pia-on-pfsense-2-4?new=1

you don't need an interface at all for this

Velcro

Here is a guide with interfaces:
https://www.privateinternetaccess.com/pages/client-support/pfsense

I haven't tried it on a VM but worth giving it a go…

When you try this does it work?

In Firewall -> Rules -> LAN I have setup a new rule for PIA VPN passthrew:
Protocol  Source          Port          Destination  Port      Gateway          Queue          Description
*          *                  *          LAN Address  443 80  *                          *      Anti-Lockout Rule 
~~IPv4 *  PIA_VPN_IPs  *          *                  *      PIAVPN_GW          none      PIA VPN Passthrew     ~~
IPv4 *  LAN net          *          *                  *      *                            none      Default allow LAN to any rule

But in Firewall -> Rules -> PIAVPN I have also put (maybe incorrectly?):
Protocol  Source          Port  Destination  Port  Gateway          Queue
~~IPv4 *  PIA_VPN_IPs  *  *                  *  PIAVPN_GW  none ~~

What is in your alias for source?

reubenb87

Thanks for the quick replies!

bcruze:
I did try that guide, I reckon its the same as the first link I posted. I'm a bit confused by it, as Step 18 has:
Set Interface to "OpenVPN"
But it doesn't show where to setup this interface, or where it came from? I think it's missed a step somewhere (or I'm misunderstanding).

V3lcr0:
If I remove those two rules, I just get a data from LAN to go over my normal gateway ie WAN. Sorry might have misunderstood your instructions.

Alias for source (Firewall -> Alias -> IP):
Name:PIA_VPN_IPs
Type:Host(s)
IP or FQDN: 192.168.1.48

Any other hints?

Edit:
Sorry everyone, the answer was hidden in plain sight! A new interface OpenVPN is added automagically when you configure it. I added all the NAT outbound rules as specified in the guides with OpenVPN as the interface this time and it worked straight away!