Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    He 6-4 tunnel and openvpn - Private Internet Access

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 3 Posters 2.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yougotborked
      last edited by

      Hi,

      I am having trouble setting my firewall such that all traffic goes over my vpn. I followed http://swimminginthought.com/netflix-and-isp-throttling-bypassed-by-vpn-solved/ to set it up, and it works fine for about 20 minutes (whatsmyip shows a different ip). After an hour, my speed grinds to crawl, and my ping goes through the roof (500ms)

      Second, I was wondering how to get my HE 6-4 tunnel to go over either the wan or the vpn, because it seems to stop working when I enable the vpn client.

      Again, the vpn provider I use is privateinternetaccess.com
      I do have a bunch of nat rules set up too, and it seems those stop working when I enable the vpn.

      And finally, I have dynamic dns set up for my domain. Which interface should I be monitoring such that queries are resolved and pointed to travel through the vpn?

      1 Reply Last reply Reply Quote 0
      • J
        jasonlitka
        last edited by

        Can you provide a how-to for PIA and pfSense?  I used the one on their site as a starting point but it seems to be written for 1.2.3, not 2.0, and even after tinkering with it and getting it to connect, I can't seem to send any traffic through it.

        I can break anything.

        1 Reply Last reply Reply Quote 0
        • Y
          yougotborked
          last edited by

          I got the vpn initally working using this guide
          http://www.komodosteve.com/archives/232

          specifically this paragraph

          Firewall Config:

          At this point the OpenVPN service is running but you aren’t using it. You may not even be able to access the Internet in this state. While there’s a lot you can do to tailor your firewall access, here’s a quick way to route all your outgoing traffic through your new VPN connection.

          Go to Firewall and select NAT, then click the Outbound tab. Select any existing rules and delete them. Select the “Automatic” option at the top and click Save, then select “Manual” and click Save. You should see a new set of rules which you can activate by clicking Apply Changes.

          however, there are still traffic problems trying to get my ipv6 tunnel working

          1 Reply Last reply Reply Quote 0
          • J
            jasonlitka
            last edited by

            Yeah, I did end up getting it working using that method.  Unfortunately, it's basically useless for me as the vast majority of the web traffic doesn't go anywhere.  I can ping and tracert over icmp just fine, but traffic on port 80 rarely makes it to anything but Google.  Installing their OVPN client on my computer works just fine.

            I can break anything.

            1 Reply Last reply Reply Quote 0
            • D
              duntuk
              last edited by

              The instructions at http://www.komodosteve.com/archives/232 are almost perfect, however, are missing a crucial (but easy to fix) element.

              The author fails to mention (close to his final step) that under "firewall: NAT: Outbound": https://192.168.1.1/firewall_nat_out.php

              After doing all the steps for NAT (set it to"manual" and hit "save" followed by "apply"), you need to edit the mapping that has the description "Auto created rule for LAN to WAN " (the middle one, out of 3).

              Then change "Interface" to "OpenVPN". Or, if you followed his instructions on creating the extra interface "OPTn" (my was called "OPT1"), selecting "OPTn" will also work.

              I'm not quite sure why he suggested creating that extra interface "OPTn".

              BTW, the way I figured out the above is I first read http://doc.pfsense.org/Create-OpenVPN-client-to-TUVPNcom.pdf, which described the above instructions, about setting the mapping interface to "OpenVPN".

              Also, he mentions that his connection slowed down considerably on his virtual machine (he doesn't state his specs). But for me, using hyper-v, on a 50Mbit connection, I get full speed with a max CPU usage of 12% for a single client/connection –haven't tested out with more than 1 machines trying to access over OpenVPN.

              My specs:
              Windows 8 Pro (built in Hyper-v)
              i7 @ 2.66
              12GB RAM
              128GB Crucial SSD
              Intel PRO/1000 PT Dual Port Server Adapter

              Used Zootie's hyper-v iso (I didn't apply any patches he lists a couple posts down)
              http://rapidshare.com/files/1592931654/pfSense-LiveCD-2.0.3-PRERELEASE-amd64-hyperv-kernel-20130119-0048.zip

              from here:
              http://forum.pfsense.org/index.php/topic,56565.msg309595.html#msg309595

              Anyhow... I just finished setting this up, so I don't know how well this hyper-v build will hold up long term. And I'm planning on trying his 2.1 build next:
              http://rapidshare.com/files/4194997857/pfSense-LiveCD-2.1-BETA1-amd64-hyperv-kernel-20130119-0948.zip

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.