• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

How to create an OpenVPN client to StrongVPN

Scheduled Pinned Locked Moved OpenVPN
157 Posts 56 Posters 230.6k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • P
    pkwong
    last edited by Aug 26, 2012, 2:15 PM Aug 26, 2012, 1:14 PM

    Just my personal opinion, but I don't see the purpose of charging extra for encryption that works, although, they are a business and AES is 14 levels deep when it comes to AES 128.  So it is more CPU intensive and any business deserves to make money.  I am, however, using an Amazon Free Tier OpenVPN server that does it just fine.  All incoming traffic is free so unless you're doing tons of outbound (even then it's only .12 per Gigabyte), it's still a bargain.

    If you take a look at your upstream bandwidth and calculate it out to what you can maximally push over the month, you'll realize it's VERY cheap.

    Cheers.

    Percy
    http://swimminginthought.com/free-server-it/

    When all else fails, don't blame the machine.  Blame your architecture.

    1 Reply Last reply Reply Quote 0
    • V
      Valis
      last edited by Sep 16, 2012, 3:06 PM

      @pkwong:

      I followed your tutorial to a tee and it didn't work.  StrongVPN's tech support wasn't much of a help.  After much experimentation, I got it working.  I made a step by step post on it: http://www.swimminginthought.com/2012/02/15/netflix-and-isp-throttling-bypassed-by-vpn-solved/

      Something must have changed in 2.0.1

      Thank you for your detailed tutorial :)

      "God helps those who help them selves."

      1 Reply Last reply Reply Quote 0
      • Y
        yu130960
        last edited by Sep 18, 2012, 7:37 PM

        To those that have read through the thread you can see that I have been working and at times struggling with this set up for some time.

        I had to do a factory reset on pfsense after trying some betas and was having trouble.

        It seems that I have pinpointed my problems with the default routing not always taking hold.  In the rules I have set the default Lan rule to explicitly state the WAN rather than default routing gateway and also turned on LZO compression with the following settings

        verb 5;tun-mtu 1500;fragment 1300;keysize 128;redirect-gateway def1;persist-key;comp-lzo adaptive;

        1 Reply Last reply Reply Quote 0
        • R
          raclure
          last edited by Dec 7, 2012, 3:00 PM Dec 7, 2012, 1:13 PM

          Hi everyone,

          I followed part of this tutorial to set-up a working VPN connection to vpntunnel.com. It works like a charm, and i'm able to redirect certain LAN ip through the VPN, while all others goes to the normal route.

          As all the traffic reaching the VPN ip is redirected to the box, i tried to build some firewall rules to block traffic coming from the VPN and going to certain port (like the ssh port and the http port). I added 2 rules in the appropriate firewall rules tab (the tab dedicated to the VPN connection) to drop any tcp packet hitting port 22 or port 80. But this had no effect, even after a reboot.

          Am i doing this right ? Has someone already tried this ?

          (I'm using version 2.1-BETA0 (i386)built on Tue Dec 4 21:53:03 EST 2012)

          1 Reply Last reply Reply Quote 0
          • R
            raclure
            last edited by Dec 7, 2012, 3:22 PM Dec 7, 2012, 3:19 PM

            Ok, the solution to my problem lies within the 'floating' rules. It's where the block rules are to be set. Now it works perfectly.

            1 Reply Last reply Reply Quote 0
            • P
              pelle_chanslos
              last edited by Jan 13, 2013, 2:21 PM

              @raclure:

              Hi everyone,

              I followed part of this tutorial to set-up a working VPN connection to vpntunnel.com. It works like a charm, and i'm able to redirect certain LAN ip through the VPN, while all others goes to the normal route.

              (I'm using version 2.1-BETA0 (i386)built on Tue Dec 4 21:53:03 EST 2012)

              How do you manage to redirect certain LAN IPs through the VPN and others through the normal WAN?

              1 Reply Last reply Reply Quote 0
              • R
                raclure
                last edited by Jan 16, 2013, 9:44 AM Jan 16, 2013, 9:42 AM

                For version 2.1:

                In Firewall->Rules->LAN you simply add a rule where source is your LAN IP, DESTINATION is * and in advance features, you set the Gateway to the VPN.
                Be careful to look what is the default gateway, as it might have become the VPN.
                Be also careful that the rules work as 'first match applies', so as long as a rule doesn't match, it'll look at the next one down.
                Also, if the VPN is down, packet might be routed through the default gateway (and you might not want that), be sure to set up rules correctly

                I hope it helps.

                1 Reply Last reply Reply Quote 0
                • A
                  arisap3
                  last edited by Jun 28, 2013, 3:52 AM

                  ;D ;D ;D ;D Working… thanks guys

                  1 Reply Last reply Reply Quote 0
                  • P
                    panz
                    last edited by Aug 7, 2013, 10:04 AM

                    After reading/experimenting with OpenVPN + AirVPN my doubt is: is my internal LAN exposed to Internet if i change the "Firewall Rules" according to the first (original) post?

                    For VPN to work, I thought it was sufficient to set manual NAT rules. Touching firewall rules seems overkill to me.

                    pfSense 2.3.2-RELEASE-p1 (amd64)
                    motherboard: MSI C847MS-E33 Micro ATX (with Intel Celeron CPU 847 @ 1.10 GHz) ~ PSU: Corsair VS350 ~ RAM: Kingston KVR1333D3E9S 4096 MB 240-pin DIMM DDR3 SDRAM 1.5 volt ~ NIC: Intel EXPI9301CTBLK (LAN) ~ NIC: D-Link DFE-528TX (CAM) ~ Hard Disk: Western Digital WD10JFCX Red ~ Case: Cooler Master HAF XB ~ power consumption: 21 Watts.

                    1 Reply Last reply Reply Quote 0
                    • E
                      ericab
                      last edited by Aug 9, 2013, 3:15 AM

                      panz;
                      the firewall rule is required as it route OUTGOING traffic through your newly established gateway.
                      it is an OUTGOING rule only.

                      remember; every interface on pfSense's default rule is to block everything, unless otherwise specified, which in this case allows outgoing traffic, AND forces it through the VPN.

                      1 Reply Last reply Reply Quote 0
                      • P
                        panz
                        last edited by Aug 9, 2013, 7:51 AM

                        This seems quite strange to me, because my setup is perfectly working without setting that firewall rule; LAN clients browse the Internet just enabling manual NAT. Am I doing something wrong?  ???

                        pfSense 2.3.2-RELEASE-p1 (amd64)
                        motherboard: MSI C847MS-E33 Micro ATX (with Intel Celeron CPU 847 @ 1.10 GHz) ~ PSU: Corsair VS350 ~ RAM: Kingston KVR1333D3E9S 4096 MB 240-pin DIMM DDR3 SDRAM 1.5 volt ~ NIC: Intel EXPI9301CTBLK (LAN) ~ NIC: D-Link DFE-528TX (CAM) ~ Hard Disk: Western Digital WD10JFCX Red ~ Case: Cooler Master HAF XB ~ power consumption: 21 Watts.

                        1 Reply Last reply Reply Quote 0
                        • T
                          tjabas
                          last edited by Sep 1, 2013, 8:06 PM

                          so if i understand this right.. there is no way to get strongvpn to work anymore?

                          or is there Another guide to follow?

                          1 Reply Last reply Reply Quote 0
                          • E
                            ericab
                            last edited by Sep 1, 2013, 9:00 PM

                            @tjabas:

                            so if i understand this right.. there is no way to get strongvpn to work anymore?

                            or is there Another guide to follow?

                            tjabas,

                            what isnt working anymore for you ?

                            1 Reply Last reply Reply Quote 0
                            • T
                              tjabas
                              last edited by Sep 1, 2013, 9:46 PM

                              i havent even tried yet to istall it, i have made the purchase and all but i read that strong vpn changed someting so the guide in this thread dont work anymore.

                              or am i wrong?

                              1 Reply Last reply Reply Quote 0
                              • T
                                tjabas
                                last edited by Sep 4, 2013, 9:25 PM

                                is there anyone else that hasnt got the preconfigured file to work?
                                i thought that if i only buy the file and istall the keys, it all would work, but i was wrong.

                                1 Reply Last reply Reply Quote 0
                                • E
                                  ericab
                                  last edited by Sep 4, 2013, 9:47 PM

                                  @tjabas:

                                  is there anyone else that hasnt got the preconfigured file to work?
                                  i thought that if i only buy the file and istall the keys, it all would work, but i was wrong.

                                  what isnt working for you tjabas ? if you dont give us details on the problem we cant help you

                                  1 Reply Last reply Reply Quote 0
                                  • T
                                    tjabas
                                    last edited by Sep 5, 2013, 12:32 PM

                                    the main issue is that i loose the wan Connection after i have installed the purchased backup file, the wan is still assigned to the same nic, and the router is acting really really slow, the webserver is almost useless, but what i have seen so isnt there any Changes to the wan and nic, there the same as Before but i dont get any ip from mi isp.

                                    any suggestions?

                                    1 Reply Last reply Reply Quote 0
                                    • R
                                      richardkingsley
                                      last edited by Sep 9, 2013, 6:10 PM

                                      Hi,

                                      After a few misconfigurations, i have finally got a client to strongvpn working but for the whole lan subnet and not for the specific ip address that i want to route.

                                      I have tried setting a rule in the firewall>rules>lan section but it still seems to route everything to through the vpn.

                                      It seems that just having the manual outward NAT settings for the lan is enough to make everything route via vpn with no firewll rules

                                      Does anybody have any pointers where to check where i may be going wrong. I am using 2.1rc2

                                      Thanks

                                      Richard

                                      1 Reply Last reply Reply Quote 0
                                      • H
                                        hammerman
                                        last edited by Sep 18, 2013, 1:14 AM

                                        as per ericab reply 21,
                                        if i have everything going through the vpn now and only want to route devices with specific ip addresses through the vpn, do i just follow the new firewall rule and save it? that's it?
                                        do i have to change any existing rules or move this new rule to the top?

                                        thanks

                                        1 Reply Last reply Reply Quote 0
                                        • H
                                          hammerman
                                          last edited by Sep 18, 2013, 2:13 PM

                                          i tried ericab's way and it didn't work.
                                          my pc was still running through the vpn.
                                          i only want specific ip addresses to use the vpn.
                                          i must be missing something . . . .???

                                          1 Reply Last reply Reply Quote 0
                                          • First post
                                            Last post
                                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                                            [[user:consent.lead]]
                                            [[user:consent.not_received]]