Unable to Route Traffic over OPENVPN Gateway NORDVPN Client Setup
-
Hello,
I have a problem, I tried lots of configuration to achive the problem but can not get successfull.
The problem is in my home PFSENSE router version 2.7.0-RELEASE Latest.
What I wanted to do is that, routing my home network traffic through VPN connection to secure my home connection and can be able to access restrricted web pages from my all computers at home.
I have a fiber connection with ISP provided modem. My pfsense WAN interface is running under DHCP IPV4 configuration type.
My ISP provided modem is PPPoE and not runing as bridge mode.(I think it is not necessary for a vpn configuration, but maybe it is)
So I decided to use NORDVPN Setup. There is a tutorial which show how to configure the vpn connection with pfsense.
These are the installation links:
https://support.nordvpn.com/Connectivity/Router/1626958942/pfSense-2-5-Setup-with-NordVPN.htm
https://support.nordvpn.com/Connectivity/Router/1620787982/pfSense-2-4-5-setup-with-NordVPN.htmI installed OPENVPN Client configuration instead of Server configuration.
But I had to select "Don't pull routes" check box, without it is selected there were no connection. (this was not in the tutorial of NORDVPN)
After that my VPN Interface gateway get connected successfully to the NORDVPN server via UDP port. All ok. No latency etc.
My gateway become online.
Than I configured my DNS Resolver and NAT Outbound rules for VPN interface.
Changed my DNS servers under "System->General Setup->DNS Server Settings" and added NORDVPN
Configured my Firewall rules for LAN NET by changing the Gateway from advanced section.
So far everything has been normal and smooth.
After that I tried to access to the internet from my browser, I couldn't get internet connection at all.
When I switch back to defult gateway under LAN firewall rules, the internet comes back.
I've been dealing with this for more than two months but I haven't been able to find a solution in any way. I would be very happy if you could help me forward my VPN traffic.
Thanks a lot.
-
@antionline
To rule out a DNS issue configure your computer to use a public DNS for testing like 8.8.8.8. Ensure that DNS access to it is allowed on your LAN. -
@viragomann
I have changed dns servers to public DNS 8.8.8.8 - 8.8.4.4 under DHCP Server DNS settings and also tried under windows network cconnections TCP/IP V4. With both also I couldn't get dns resolved. Still no internet after changing my default WAN gateway to OPENVPN gateway. -
@antionline
Can you post details about your configuration.
What is your LAN subnet?Post screenshots please from your
firewall rules
routes
outbound NATIs pfSense able to resolve host names at all?
-
LAN Subnet is 192.168.0.0 - 192.168.0.255
LAN Firewall Rules:
Routing:
Outbound NAT
Pfsense ping www.google.com when vpn gateway selected for LAN.
-
@antionline
Okay, with these settings and "Don't pull routes" checked, I expect that everything is working as without the VPN.However, missing the routing table.
-
Routing table when LAN gateway changed to VPN Gateway:
Routing tabel with resolve names selected:
OPEN VPN Tunnel Settings:
OPENVPN Connection Status:
LAN RULES with Gateway selected:
-
@antionline
It seems strange to me that your virtual VPN IP is shown up as gateway IP. Not clear, what causes this. I'd expect to see the server virtual IP as gateway, e.g. 10.8.1.1.Try to remove the check from "Don't add/remove routes" in the VPN client settings.
-
VPN Client updated settings:
Gateways:
OPENVPN Connections Status after Don't add/remove routes" unchecked
-
@antionline
Is your OpenVPN client running it tap mode by any chance? -
No it is in layer 3 tunnel mode:
-
@viragomann said in Unable to Route Traffic over OPENVPN Gateway NORDVPN Client Setup:
that your virtual VPN IP is shown up as gateway IP.
That is normal for those Privacy-VPNs.
-
@Bob-Dig
Never seen this till today. Maybe this changed with 2.7?Anyway it seems weird for diagnosing routing issues.
-
@viragomann said in Unable to Route Traffic over OPENVPN Gateway NORDVPN Client Setup:
Maybe this changed with 2.7?
No, I guess it is just not your type of VPN.
-
@Bob-Dig
Agree, I do not use any VPN providers.
However, also didn't notice from any post here. -
@viragomann
The IP was the same with 2.6 version as well. before update. -
@Bob-Dig
Do you have a working solution for me? I can change my vpn provider no problem.
With NORDVPN I have never get successfully connected to internet.
I have also installed on seperated machines different locations both not works. -
@antionline said in Unable to Route Traffic over OPENVPN Gateway NORDVPN Client Setup:
Do you have a working solution for me?
No. Their guides do work so the problem must be somewhere else.
-
Once I tried gateway group by using dual OPENVPN client(Dual NORDVPN Server connection over single WAN) paired together instead of using dual WAN.
At that way the Public IP and DNS changed somehow for once. After reboot of the pfsense. it did not come back again.
On my third pfsense I can use NORDVPN with dual WAN gateway group. It is working. But on the other hand single WAN setup never works.
It's been more than 2 months. I have to solve this problem.
I tried everything. Still no solution.
I am desperate right now
-
@viragomann
After the latest patch
Fix OpenVPN selecting wrong interface address when VIPs are present (Redmine #14646)
https://redmine.pfsense.org/issues/14646
I could be able to route out my traffic and the OPENVPN client works as it is requested.
