Route Traffic via VPN
-
Dear All,
I'm plan to router all my traffic to VPN using OpenVPN which reach to INTERNET. Is this possible to do it on pfsense box. If yes, How to do it? Please keep some guideline. Thanks. -
Yes, it is possible.
Setup the openVPN Server on pfSense and check the redirect gateway function.
Scroll down to "Redirect IPv4 Gateway" or "Redirect IPv6 Gateway". Check the appropriated box for IPv4 and/or IPv6.
Reconnect on client side.
You can check if it works by using traceroute on client side.
Hope it helps
Dabbelju -
@dabbelju007 Any user guide I can follow.
-
I follow this guide.
https://stefanrows.medium.com/configure-openvpn-for-pfsense-2-4-the-complete-guide-64edc7278462
Thu Feb 11 09:57:16 2021 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
Thu Feb 11 09:57:16 2021 OpenVPN 2.5.0 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 28 2020
Thu Feb 11 09:57:16 2021 Windows version 10.0 (Windows 10 or greater) 64bit
Thu Feb 11 09:57:16 2021 library versions: OpenSSL 1.1.1h 22 Sep 2020, LZO 2.10
Thu Feb 11 09:57:39 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]27.122.12.236:50743
Thu Feb 11 09:57:39 2021 UDPv4 link local (bound): [AF_INET][undef]:0
Thu Feb 11 09:57:39 2021 UDPv4 link remote: [AF_INET]27.122.12.236:50743
Thu Feb 11 09:58:39 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Feb 11 09:58:39 2021 TLS Error: TLS handshake failedThis is the error log.
-
I delete the previous configuration and now it works.
Questions:
How to ensure my traffic is encrypted to INTERNET?
I tried to check who ip but it shows my internet ip address. -
Thu Feb 11 11:49:45 2021 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Thu Feb 11 11:49:45 2021 TLS Error: TLS handshake failed
Thu Feb 11 11:49:45 2021 SIGUSR1[soft,tls-error] received, process restarting
Thu Feb 11 11:49:55 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]175.144.174.251:51734
Thu Feb 11 11:49:55 2021 UDPv4 link local (bound): [AF_INET][undef]:0
Thu Feb 11 11:49:55 2021 UDPv4 link remote: [AF_INET]175.144.174.251:51734I could not reconnect after disconnect. Don't know why.
-
@peter_apiit Are you using a commercial VPN provider? (NordVPN, Mullvad, Pure, PIA etc?) If so which one?
-
@griffo I did not using any commercial VPN provider.
I reinstall the openvpn n connect successfully.
Questions:
How to ensure my traffic is encrypted to INTERNET?
I tried to check who ip but it shows my internet ip address. -
@peter_apiit That guide is to set up OpenVPN as a server so you can VPN into into your network over the Internet.
It sounds like you want to send all your outbound Internet traffic down a VPN, which means you need to set up pfsense as a Client connecting to a VPN provider. -
@griffo Is it possible to setup pfsense as server + client so that i can route all my traffic via tunnel network?
Is yes, any guide?
-
@peter_apiit Route it to where? Do you have a second site you want to use as the main internet exit point? e.g
https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-route-internet-traffic.htmlOr you want to hide all your internet traffic from whoever and use a commercial VPN provider?
https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-client.html shows the general setup but you need to replace wireguard with OpenVPN -
@griffo said in Route Traffic via VPN:
https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-client.html
The second choices is what I want. To route all outbound traffic to my VPN provider.