X-ray VPN implementation in future releases of pfSense+
-
In your case, the gateway IP should be 10.100.94.53, just like the TUN IP. To restore the TUN IP, restart the Xray instance.
By the way, that's what I was saying, I had to tinker with hev-socks5-tunnel, but tune2socks worked right away.
Still working on fixes...
-
I'm not very familiar with networks, so I had to do a lot of research, and here's what I came up with:
-
You don't need to have static IP in the interface; what you see on the instance diagnostics page, in the TUN IP field, is enough.
-
You need to create a gateway on this IP and disable gateway monitoring so it's always online. This is because monitoring uses ICMP packets to check for online activity, but ICMP doesn't work over PROXY
You can specify an IP with a /30 subnet in the XRAY interface, choosing it so that the TUN IP is in that subnet, but that doesn't make any sense.
And finally, you need to create a firewall rule to direct traffic to the XRAY gateway.
-
-
-
Xray was developed by Chinese developers, and the authors themselves do not provide VPN services.However, the latest GFW is now able to detect and block it. Although it is still usable to some extent.
-
https://hysteria.network/
I would recommend adding this. At least its network speed is fast.
-
@yon-0 thx, I'll dig into this app.
-
@yon-0 said in X-ray VPN implementation in future releases of pfSense+:
hysteria
Xray supports the Hysteria transport, both the first and second versions.
-
@Сергей-3 However, its configuration is complex and not suitable for use.
-
@yon-0
It's a matter of preference.
Especially since there are config generators. -
@Сергей-3 Having a configuration generation tool would be simpler, but it's not as fast as HY2 in terms of network speed.
topic