Connection issues with OpenVPN client - IPVanish
-
Hi all,
I have just setup a very basic install of pfsense for home use. I was trying to setup a VPN client, but cannot figure out what the issue is. Looking at the logs, it says the host server name cannot be resolved (have not got access to the exact log message at the time of writing this post).
I followed this guide from another user https://forum.netgate.com/topic/116235/guide-how-to-connect-pfsense-openvpn-client-to-ipvanish) , but was not successful. It's looks like 2.4.3 has changed slightly compared the version this guide was written for. But I thought it could not be much different.
I know other VPN providers have 'official how to guides' but IPVanish said, 'we dont officially support pfsense'. Access to non-VPN internet is fine.
Any help would be appreciated.
-
@sh500 IPVanish (and others) use DNS for resolving where to connect to. Your pfSense can't resolve the DNS names.
Under Diagnostics -> DNS Lookup
Test a dns name (ie. www.google.com). You;ll see if your DNS resolution for the pf is working. -
@philw Thanks for the pointer. I added the VPN providers DNS entries to the WAN interface. It works fine now.
I should probably look at firewall rules for more granular control. I am just starting with pfsense so will play around with rules/routing etc.
-
@sh500
You can also add (if you use cloudflare or quad9 dns) DNS over TLS for those DNS lookups as well. There's a great how-to for enabling this.
https://www.netgate.com/blog/dns-over-tls-with-pfsense.htmlDon't sweat asking questions, I'm just starting myself with the pfSense and I'm really liking the more feature robust (and of course my own hardware) over DD-WRT I was using in the past. The forums and the netgate blog have been stellar.
-
@philw Thanks. I also currently have a fully working OpenWRT (LEDE) setup. This does the job very well. But, there are certain little things that can be annoying (for me at least). So I am wanting to replicate all my existing LEDE setttings with pfsense and will be comparing which I like better.