MultiWAN (VPN) certain websites won't work.



  • Hello,

    I purchased a NordVPN subscription recently and the idea was to route traffic for certain interfaces through the VPN while letting traffic that originates from an (office) VLAN interface go out normally.

    These are my interfaces:
    LAN = Interface for a bunch of local computers at home
    VLAN100 (parent is LAN) = VLAN interface of LAN for specific hosts that should be isolated from the rest
    WIFI = interface that connects to a Wifi AP

    Basically I want all the traffic originating from LAN and WIFI to go through the VPN tunnel.
    I set everything up according to a guide that NordVPN provided.
    (see: https://support.nordvpn.com/#/Connectivity/1089079142/pfSense-2-4-3-setup.htm)
    Everything is running fine, LAN & WIFI are getting tunneled through the VPN connection whereas VLAN gets its packets out normally.

    The only thing that doesn't work and that I have not been able to figure out so far is that certain websites (like Netflix and Amazon for example) are not working properly for my VLAN machines. Sometimes they show up and sometimes they don't.
    Maybe I overlooked something and you guys can point me in the right direction.

    Thank you in advance for any helpful reply.
    Dennis


  • Rebel Alliance Global Moderator

    Where does your DNS go? Out your VPN?

    You do understand streamers like Netflix, Amazon, Hulu, etc. etc.. are pretty much all going to play the whack-a-mole game for VPN connections, right.. They think you're coming from a VPN and "could" be circumventing their regional restrictions, they're going to have a conniption..

    Their guide has you pulling default routes to go out the VPN.. So you're policy routing the VLAN out your normal DHCP WAN? With a firewall rule?



  • Hello johnpoz,

    Thanks for your quick reply.
    You're right, I made a few additional adjustments after I followed the guide mentioned above to fit the setup I need.
    To do this I indeed set up the two Google DNS servers (under System -> General Setup) which I associated with my regular DHCP_WAN as a gateway. Additionally I created two further DNS entries (the DNS servers of NordVPN) and selected the DHCP_VPN (client) interface as the gateway this time.
    After this I switched to the firewall rules and adjusted every ruleset that's related to "non local" traffic so that LAN and WIFI traffic have the VPN interface set as their gateway and my rules for VLAN100 have the WAN interface as the gateway.
    Outbound NAT is still going over WAN for my VLAN100 subnet as well, of course.

    I am aware that big streamers like Netflix and Amazon are trying to make it difficult for you to use VPNs and such, but what leads me to believe that this might not be the problem here is that if I put my VLAN100 traffic through the VPN I can access Amazon and Netflix without any trouble.
    If I use my WAN as the gateway for my VLAN100 rules, several "thatsmyip" websites indicate that everything is working just as if I wouldn't use any VPN at all, yet I can't figure out why I run into those problems.