Multi OpenVPN client + Random OpenVPN Connection + Customize Sticky Connection



  • Hello!

    I am very new to pfSense. I hope I posted my question to the correct section. I have some very unique routing needs that I do not know how to set up. Big thank you for everyone who read through my post ☺

    My current routing and OpenVPN clients set up largely follows this instruction:
    https://nguvu.org/pfsense/pfsense-multi-vpn-wan/

    My pfSense version is 2.4.5-RELEASE (amd64)

    In short, I have 3 OpenVPN clients constantly connected and pfSense will automatically load balance between them with sticky connection enabled. Therefore, my public IP address changes between the 3 OpenVPN connections but it stays the same for one connection.

    I have a few unique needs that I think pfSense probably can do but I have no clue how to set it up. I'm pretty good with Python3. I'm not afraid of coding.

    1, Disable Sticky Connections for certain devices.

    Or in other words, for specific devices, randomly use one of the OpenVPN clients for each request.

    My current Sticky Connections setting is enabled at "System > Advanced > Miscellaneous". I believe this is global setting. I'm not 100% sure but it seems like that my whole network will use one VPN connection at one time, then it might switch to another for a while. I notice this because I have pi-hole on my network, DSN leak test shows that my DNS request goes with my public IP.

    e1a8d1c6-49f9-416c-acc4-c8bc70f558e6-image.png

    If I disable this option, pfSense will use different VPN connection each time I refresh a webpage. I believe that might cause trouble for normal daily web surfing.

    The reason I want certain devices on the network to randomly use different VPN connections is that I sometimes need to crawl webpages using a server. I want each request action come from different IP address to avoid looking suspicious. So I not only want to disable "Sticky Connections" for this machine, but actively enforce randomizing which VPN connect to be used.

    2. Randomly close an OpenVPN connection and start another one every 30 minutes.

    My VPN provider allows me to have a maximum of 5 connections at the same time. I believe each OpenVPN connection in pfSense is counted as 1 connection. As I stated before, I currently have 3 connections set up. However, I don't want to stay with these 3. I want to utilize more servers without using up my connection allowance because my phone needs a VPN too.

    My idea is to have some sort of automation in pfSense. Every 30 minutes, I want pfSense to randomly close one OpenVPN connections and start another one from a pool of connections. So that I will always have 2 VPN connections online, and I will have a new IP address every 30 minutes.

    3, Close a OpenVPN connection and start another one if certain website rejects connection

    Twitter, for some reason, restrict access to their picture server and video server from my VPN servers. These restrictions are temporary, they will be lifted after maybe a few minutes to a few hours. Changing to another VPN server will often solve the problem. The challenge is that I don't know how to check whether my access is being restricted outside of web browser. If I ping the domain name of their picture server, I can get a response. It's just that on the web browser, every picture on twitter will time out (not connection rejected, but time out).

    The same goes for videos on twitter. Restrictions for picture and video doesn't always happen on the same time. Also, I couldn't not find the domain for video server.

    Thank you very much for reading through my post. Please share with me any ideas.