HughM 0 Posted ... It all depends on what you want to achieve. If you just want to either use the VPN WAN or the regular ISP WAN (i.e. only one at the time foar all clients in the home) then what you are proposing is possible without a VLAN capable switch or Wireless Access Point. One of the physical outer ports is then used for the VPN subnet, another for the Clearnet subnet. Switching the cable from the switch (or WAP) to the router from one router port to the other will then allow you to use either one or the other. This is then the subnet that all clients behind the switch / WAP will use. If you want a more sophisticated setup, with some clients in one subnet and others in the other subnet and also routing between the two sub-nets, you either need a smart switch (like in my drawing) or a WAP that supports multiple SSIDs, each mapping to a different VLAN ID. If there is no need for routing between the two subnets you could use two switches (one each behind the two router ports), but that is a very contrived setup imho. Quote Share this post Link to post
knall-knall 0 Posted ... Hello, i have tried to get AirVPN running under pfSense 2.4.5 following several guides including this one. Unfortunately always with the same result. I have taken great care to configure the parameters according to the tutorial and my config file, but it seems that the client never receives a response from the server: Apr 10 23:27:28 openvpn 7197 TCP/UDP: Preserving recently used remote address: [AF_INET]178.162.204.219:443 Apr 10 23:27:28 openvpn 7197 Socket Buffers: R=[42080->42080] S=[57344->57344] Apr 10 23:27:28 openvpn 7197 UDPv4 link local (bound): [AF_INET]192.168.1.100:0 Apr 10 23:27:28 openvpn 7197 UDPv4 link remote: [AF_INET]178,162,204,219:443 (no log entry after that, VPN status stays pending) With my own VPN server, the connection could be established without problems. I immediately saw the complete connection setup in the log here. What could I miss in this case? Quote Share this post Link to post
dIecbasC 38 Posted ... increase your log verbosity and post a full connection log for us. 1 knall-knall reacted to this Quote Share this post Link to post
knall-knall 0 Posted ... 18 hours ago, dIecbasC said: increase your log verbosity and post a full connection log for us. Apr 11 18:25:18 openvpn 2887 Local Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 1,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-client' Apr 11 18:25:18 openvpn 2887 Expected Remote Options String (VER=V4): 'V4,dev-type tun,link-mtu 1602,tun-mtu 1500,proto UDPv4,comp-lzo,keydir 0,cipher AES-256-CBC,auth SHA512,keysize 256,tls-auth,key-method 2,tls-server' Apr 11 18:25:18 openvpn 2887 TCP/UDP: Preserving recently used remote address: [AF_INET]178.162.204.219:443 Apr 11 18:25:18 openvpn 2887 Socket Buffers: R=[42080->42080] S=[57344->57344] Apr 11 18:25:18 openvpn 2887 UDPv4 link local (bound): [AF_INET]192.168.1.100:0 Apr 11 18:25:18 openvpn 2887 UDPv4 link remote: [AF_INET]178.162.204.219:443 Apr 11 18:25:18 openvpn 2887 TLS Warning: no data channel send key available: [key#0 state=S_INITIAL id=0 sid=00000000 00000000] [key#1 state=S_UNDEF id=0 sid=00000000 00000000] [key#2 state=S_UNDEF id=0 sid=00000000 00000000] Apr 11 18:25:18 openvpn 2887 SENT PING Apr 11 18:25:18 openvpn 2887 TIMER: coarse timer wakeup 1 seconds Apr 11 18:25:18 openvpn 2887 TLS: tls_multi_process: i=0 state=S_INITIAL, mysid=40b6e54b 69557143, stored-sid=00000000 00000000, stored-ip=[AF_INET]178.162.204.219:443 Apr 11 18:25:18 openvpn 2887 TLS: tls_process: chg=0 ks=S_INITIAL lame=S_UNDEF to_link->len=0 wakeup=604800 Apr 11 18:25:18 openvpn 2887 ACK mark active outgoing ID 0 Apr 11 18:25:18 openvpn 2887 TLS: Initial Handshake, sid=40b6e54b 69557143 Apr 11 18:25:18 openvpn 2887 ACK reliable_can_send active=1 current=1 : [1] 0 Apr 11 18:25:18 openvpn 2887 ACK reliable_send ID 0 (size=4 to=2) Apr 11 18:25:18 openvpn 2887 ENCRYPT HMAC: 000968ce 031eb632 9a9d85ac 4af7b91c c5d279eb 93c60a34 73843421 af95cfe[more...] Apr 11 18:25:18 openvpn 2887 ENCRYPT TO: 000968ce 031eb632 9a9d85ac 4af7b91c c5d279eb 93c60a34 73843421 af95cfe[more...] Apr 11 18:25:18 openvpn 2887 Reliable -> TCP/UDP Apr 11 18:25:18 openvpn 2887 ACK reliable_send_timeout 2 [1] 0 Apr 11 18:25:18 openvpn 2887 TLS: tls_process: timeout set to 2 Apr 11 18:25:18 openvpn 2887 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8a2cbff4 e4dabc19, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Apr 11 18:25:18 openvpn 2887 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Apr 11 18:25:18 openvpn 2887 RANDOM USEC=183806 Apr 11 18:25:18 openvpn 2887 UDPv4 WRITE [86] to [AF_INET]178.162.204.219:443: P_CONTROL_HARD_RESET_CLIENT_V2 kid=0 sid=40b6e54b 69557143 tls_hmac=000968ce 031eb632 9a9d85ac 4af7b91c c5d279eb 93c60a34 73843421 af95cfe7 6437d462 b78b019b 5cb6ac8b ef2b2fcb 25e16404 dd370152 ef0821ba 8f1bd43e pid=[ #1 / time = (1586622318) Sat Apr 11 1 Apr 11 18:25:18 openvpn 2887 UDPv4 write returned 86 Apr 11 18:25:18 openvpn 2887 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=40b6e54b 69557143, stored-sid=00000000 00000000, stored-ip=[AF_INET]178.162.204.219:443 Apr 11 18:25:18 openvpn 2887 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800 Apr 11 18:25:18 openvpn 2887 ACK reliable_can_send active=1 current=0 : [1] 0 Apr 11 18:25:18 openvpn 2887 SSL state (connect): before/connect initialization Apr 11 18:25:18 openvpn 2887 SSL state (connect): SSLv2/v3 write client hello A Apr 11 18:25:18 openvpn 2887 ACK reliable_send_timeout 2 [1] 0 Apr 11 18:25:18 openvpn 2887 TLS: tls_process: timeout set to 2 Apr 11 18:25:18 openvpn 2887 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8a2cbff4 e4dabc19, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Apr 11 18:25:18 openvpn 2887 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Apr 11 18:25:18 openvpn 2887 PO_CTL rwflags=0x0001 ev=5 arg=0x006a6f90 Apr 11 18:25:18 openvpn 2887 PO_CTL rwflags=0x0001 ev=4 arg=0x006a5de8 Apr 11 18:25:18 openvpn 2887 I/O WAIT T?|T?|SR|Sw [1/183806] Apr 11 18:25:19 openvpn 2887 event_wait returned 0 Apr 11 18:25:19 openvpn 2887 I/O WAIT status=0x0020 Apr 11 18:25:19 openvpn 2887 TIMER: coarse timer wakeup 1 seconds Apr 11 18:25:19 openvpn 2887 TLS: tls_multi_process: i=0 state=S_PRE_START, mysid=40b6e54b 69557143, stored-sid=00000000 00000000, stored-ip=[AF_INET]178.162.204.219:443 Apr 11 18:25:19 openvpn 2887 TLS: tls_process: chg=0 ks=S_PRE_START lame=S_UNDEF to_link->len=0 wakeup=604800 Apr 11 18:25:19 openvpn 2887 ACK reliable_can_send active=1 current=0 : [1] 0 Apr 11 18:25:19 openvpn 2887 ACK reliable_send_timeout 1 [1] 0 Apr 11 18:25:19 openvpn 2887 TLS: tls_process: timeout set to 1 Apr 11 18:25:19 openvpn 2887 TLS: tls_multi_process: i=1 state=S_INITIAL, mysid=8a2cbff4 e4dabc19, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Apr 11 18:25:19 openvpn 2887 TLS: tls_multi_process: i=2 state=S_UNDEF, mysid=00000000 00000000, stored-sid=00000000 00000000, stored-ip=[AF_UNSPEC] Apr 11 18:25:19 openvpn 2887 PO_CTL rwflags=0x0001 ev=5 arg=0x006a6f90 Apr 11 18:25:19 openvpn 2887 PO_CTL rwflags=0x0001 ev=4 arg=0x006a5de8 Apr 11 18:25:19 openvpn 2887 I/O WAIT T?|T?|SR|Sw [1/183806] Quote Share this post Link to post
dIecbasC 38 Posted ... Check your TLS key config and cipher settings. This doesn't look too clever. TLS Warning: no data channel send key available Quote Share this post Link to post
knall-knall 0 Posted ... Checked the settings again. The parameters are set according to https://nguvu.org/pfsense/pfsense-multi-vpn-wan/ (see screenshot attached). Unfortunately, I can't find the misconfiguration. Custom settings: client; persist-key; persist-tun; remote-cert-tls server; prng sha256 64; mlock; auth-nocache; Quote Share this post Link to post
dIecbasC 38 Posted ... the other thing Ive seen trip folks up is to make sure you connect to the right end point on the airvpn server, theres a TLS connection when you generate your certificate etc. 1 knall-knall reacted to this Quote Share this post Link to post
knall-knall 0 Posted ... that did the trick! thank you very much for your help. Quote Share this post Link to post
SumRndmDude 22 Posted ... The guide posted https://nguvu.org/pfsense/pfsense-baseline-setup/ has been updated for 2.4.5 and the person who runs the site does a brilliant job explaining the steps. A massive amount has not changed in the pfSense configuration, but there are a few performance tweaks and settings dealing with encryption/ciphers. Also, while the guide is setup for a multi-lan/multi-wan (redundancy), those not needing those can skip the steps easily without mucking up the setup. Quote Share this post Link to post
BuiltOnSelfSuccess 1 Posted ... Hello AirVPN Community! I've been using AirVPN for years now but I'm really stuck and would appreciate your valuable input in helping resolve an issue that I have had for the past few weeks. Troubleshooting using some of the recommendations in various threads on here unfortunately has not resolved the issue for me. I have been running OpenVPN on pfSense for a few years following the setup guide here. However over the past few weeks I noticed that my download speeds seemed to have dropped from 200mb to around 60mb. I suspected that it was down to all the people now working remotely and "clogging up the pipes" but this seemed to have dropped further to around 30mb. I can connect directly to my router to bypass the VPN and can achieve over 200mb throuput on my 200mb line. I got researching and it seemed that there was another setup guide to compliment this one with a few updated sections: https://nguvu.org/pfsense/pfsense-baseline-setup/ so off I went and updated my OpenVPN settings to match the settings in the guide. This is where I get the Doh! moment, I now achieve download speeds of around 10mb, sometimes less!😭 CPUIntel(R) Celeron(R) CPU N3160 @ 1.60GHz 4 CPUs: 1 package(s) x 4 core(s) AES-NI CPU Crypto: Yes (active) usage seems to sit between 10 and 20% and memory usage at around 17% The things I've tried: Changing "Auth digest algorithm" from SHA512 to SHA256 Adding AES-256-CBC to the existing AES-256-GCM NCP Algorithms Hardware crypto options changed as per: I currently have the same "Custom options" from the updated guide: client; persist-key; persist-tun; remote-cert-tls server; prng sha256 64; mlock; auth-nocache; I have also tried: sndbuf 524288;rcvbuf 524288;client;remote-cert-tls server;persist-key;persist-tun;keysize 256;key-method 2;key-direction 1;explicit-exit-notify 5;mlock;keepalive 5 30;prng sha512 64; and socket-flags TCP_NODELAY; auth-nocache; mlock; key-direction 1; tls-version-min 1.2; key-method 2; tls-timeout 2; remote-cert-tls server; mssfix 0; tun-mtu 20000; explicit-exit-notify 5; persist-key; persist-tun; prng sha256 64; Each time I change the settings I test the speed to see if there is any difference but overall not much. I'm using Speedtest.net and https://sourceforge.net/speedtest/ to test speeds. I've also got Snort, Service Watchdog and pfBlockerNG-devel running. The Gateway status shows Online with 0.0% loss. All interfaces are up. Any help or guidance would be greatly appreciated! Quote Share this post Link to post
BuiltOnSelfSuccess 1 Posted ... On 4/29/2020 at 1:33 PM, BuiltOnSelfSuccess said: Hello AirVPN Community! I've been using AirVPN for years now but I'm really stuck and would appreciate your valuable input in helping resolve an issue that I have had for the past few weeks. Troubleshooting using some of the recommendations in various threads on here unfortunately has not resolved the issue for me. I have been running OpenVPN on pfSense for a few years following the setup guide here. However over the past few weeks I noticed that my download speeds seemed to have dropped from 200mb to around 60mb. I suspected that it was down to all the people now working remotely and "clogging up the pipes" but this seemed to have dropped further to around 30mb. I can connect directly to my router to bypass the VPN and can achieve over 200mb throuput on my 200mb line. I got researching and it seemed that there was another setup guide to compliment this one with a few updated sections: https://nguvu.org/pfsense/pfsense-baseline-setup/ so off I went and updated my OpenVPN settings to match the settings in the guide. This is where I get the Doh! moment, I now achieve download speeds of around 10mb, sometimes less!😭 CPUIntel(R) Celeron(R) CPU N3160 @ 1.60GHz 4 CPUs: 1 package(s) x 4 core(s) AES-NI CPU Crypto: Yes (active) usage seems to sit between 10 and 20% and memory usage at around 17% The things I've tried: Changing "Auth digest algorithm" from SHA512 to SHA256 Adding AES-256-CBC to the existing AES-256-GCM NCP Algorithms Hardware crypto options changed as per: I currently have the same "Custom options" from the updated guide: client; persist-key; persist-tun; remote-cert-tls server; prng sha256 64; mlock; auth-nocache; I have also tried: sndbuf 524288;rcvbuf 524288;client;remote-cert-tls server;persist-key;persist-tun;keysize 256;key-method 2;key-direction 1;explicit-exit-notify 5;mlock;keepalive 5 30;prng sha512 64; and socket-flags TCP_NODELAY; auth-nocache; mlock; key-direction 1; tls-version-min 1.2; key-method 2; tls-timeout 2; remote-cert-tls server; mssfix 0; tun-mtu 20000; explicit-exit-notify 5; persist-key; persist-tun; prng sha256 64; Each time I change the settings I test the speed to see if there is any difference but overall not much. I'm using Speedtest.net and https://sourceforge.net/speedtest/ to test speeds. I've also got Snort, Service Watchdog and pfBlockerNG-devel running. The Gateway status shows Online with 0.0% loss. All interfaces are up. Any help or guidance would be greatly appreciated! I've now also tried the recommendations here: https://docs.netgate.com/pfsense/en/latest/interfaces/low-throughput-troubleshooting.html#vpn-mtu-issues I disabled pfBlockerNG I disabled Snort Still I'm stuck with 10mb download speed and 20mb upload on a 200/20 line..... Quote Share this post Link to post
BuiltOnSelfSuccess 1 Posted ... 23 hours ago, BuiltOnSelfSuccess said: I've now also tried the recommendations here: https://docs.netgate.com/pfsense/en/latest/interfaces/low-throughput-troubleshooting.html#vpn-mtu-issues I disabled pfBlockerNG I disabled Snort Still I'm stuck with 10mb download speed and 20mb upload on a 200/20 line..... In the end all I did was change to a different server with a different entry IP, I get over 200mb throughput now. Thank you for the replies. Quote Share this post Link to post
Hoox 0 Posted ... I did a new install in pfsense 2.4.5 following this guide. Everything looks good, but I cant seem to get ip from DHCP server on VLAN20 (VPN). This is from the log: Jul 4 14:22:09 dhcpd DHCPOFFER on 10.0.20.100 to 94:de:80:f8:59:d4 (VPN-PC) via igb2.20 Jul 4 14:22:09 dhcpd DHCPDISCOVER from 94:de:80:f8:59:d4 (VPN-PC) via igb2.20 So it seems like the DHCP server sees the client and offer an IP in the correct subnet, but there is no DHCPACK from the client afterwards. I tried with different machines also. Other VLANs works fine. Clients gets IPs. Something I forgot for VLAN20? Some firewall rule? 1 go558a83nk reacted to this Quote Share this post Link to post
zapoteknico 8 Posted ... I'd your computer/machine directly plugged to the pfsense firewall? Did you try restarting the dhcp server? It is my understanding firewall rules have no impact on the dhcp server and IP assignation Quote Share this post Link to post
Wolke68 5 Posted ... This sample isnt with VLAN20 i thought you mean pfSense ngu sampleshttps://nguvu.org/pfsense/pfsense-baseline-setup/ Quote Share this post Link to post
Hoox 0 Posted ... Correct, I followed the guide on nguvu.org. I found the error with the VLAN - turns out I forgot about an old ACL on this interface on the switch. When I deleted it all worked as intended! 😁 Quote Share this post Link to post
Polius 1 Posted ... (edited) On 4/12/2020 at 8:32 AM, dIecbasC said: the other thing Ive seen trip folks up is to make sure you connect to the right end point on the airvpn server, theres a TLS connection when you generate your certificate etc. What about mine? What's the problem here? I'm a noob by the way, please understand. Nov 7 14:05:44 openvpn 63938 Restart pause, 80 second(s) Nov 7 14:05:44 openvpn 63938 SIGUSR1[connection failed(soft),init_instance] received, process restarting Nov 7 14:05:44 openvpn 63938 TCP: connect to [AF_INET]193.148.16.213:443 failed: Permission denied Nov 7 14:05:44 openvpn 63938 Attempting to establish TCP connection with [AF_INET]193.148.16.213:443 [nonblock] Nov 7 14:05:44 openvpn 63938 Socket Buffers: R=[65228->65228] S=[65228->65228] Nov 7 14:05:44 openvpn 63938 TCP/UDP: Preserving recently used remote address: [AF_INET]193.148.16.213:443 Nov 7 14:05:44 openvpn 63938 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Nov 7 14:04:24 openvpn 63938 Restart pause, 80 second(s) Nov 7 14:04:24 openvpn 63938 SIGUSR1[connection failed(soft),init_instance] received, process restarting Nov 7 14:04:24 openvpn 63938 TCP: connect to [AF_INET]193.148.16.213:443 failed: Permission denied Nov 7 14:04:24 openvpn 63938 Attempting to establish TCP connection with [AF_INET]193.148.16.213:443 [nonblock] Nov 7 14:04:24 openvpn 63938 Socket Buffers: R=[65228->65228] S=[65228->65228] Nov 7 14:04:24 openvpn 63938 TCP/UDP: Preserving recently used remote address: [AF_INET]193.148.16.213:443 Nov 7 14:04:24 openvpn 63938 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Nov 7 14:03:44 openvpn 63938 Restart pause, 40 second(s) Edited ... by Polius typo Quote Share this post Link to post
Wolke68 5 Posted ... I think this is your problemTCP: connect to [AF_INET]193.148.16.213:443 failed: Permission denied why you wanna youse TCP? Quote Share this post Link to post
Polius 1 Posted ... (edited) Ok guys, the problem is resolved. It's my firewall rule blocking the connection...there's nothing wrong with using TCP or UDP, that's not the problem. They both will work. Also, for people who are stuck: DO NOT FOLLOW THIS GUIDE!! If you follow this guide, you will fail, as it's outdated and a lot of settings are not shown and if do follow it, you won't know where the problem is. Do follow this guide https://nguvu.org/pfsense/pfsense-baseline-setup/ It's updated with the latest settings. For example, in pfsense 2.4.5, we have "TLS Key Usage Mode:" in OpenVPN Client settings and you have to toggle it to "TLS Encryption and Authentication". If you leave it as "TLS Authentication", which is the default, your connection will fail. (If you follow this guide, you will skip it altogether and your connection will fail) Hope this helps someone out there and thanks for whoever authors nguvu.org, it's literally saving lives! Edited ... by Polius typo 1 sndr reacted to this Quote Share this post Link to post
bobsnail 0 Posted ... I posted a query yesterday in the problems section, but with hindisght it sits better here. I followed the latest guidance at nguvu.org (mentioned above), everything simple (if longwinded) 1) my subnets are 'up' on the summary screen, but dont work. So i can go to my LAN 192.168.1.1 and access the management screens, but if i got to the management subnet 192.168.10.1 etc then the interface just times out. i can actaully ping the subnets but cant connect to mamangement console. any ideas please? 2) my vpn connection wont connec, it just says 'inactivity timeout' in the logs Nov 9 20:07:56 openvpn 94791 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Nov 9 20:07:56 openvpn 94791 TCP/UDP: Preserving recently used remote address: [AF_INET]141.98.101.132:443 Nov 9 20:07:56 openvpn 94791 UDPv4 link local (bound): [AF_INET]192.168.0.56:0 Nov 9 20:07:56 openvpn 94791 UDPv4 link remote: [AF_INET]141.98.101.132:443 Nov 9 20:08:26 openvpn 94791 [UNDEF] Inactivity timeout (--ping-restart), restarting Nov 9 20:08:26 openvpn 94791 SIGUSR1[soft,ping-restart] received, process restarting 3) In the instructions under 'create VPN connection' it says TLS Key = Paste contents of the ta.key/tls-crypt.key downloaded here Does that mean I post either/or/both? That was the only step I was unsure of (i tried the contents of both files one at a time but neother made a difference) I always struggle with the instructions for pfsense/airvpn (since v2.1) Im often envious of how simple the setup appears to be with other providers, but i do love airVPN.. Any help very much appreciated Quote Share this post Link to post
Polius 1 Posted ... (edited) On 11/9/2020 at 8:13 PM, bobsnail said: 3) In the instructions under 'create VPN connection' it says TLS Key = Paste contents of the ta.key/tls-crypt.key downloaded here Does that mean I post either/or/both? That was the only step I was unsure of (i tried the contents of both files one at a time but neother made a difference) I always struggle with the instructions for pfsense/airvpn (since v2.1) Im often envious of how simple the setup appears to be with other providers, but i do love airVPN.. Any help very much appreciated Not sure about the other 2 but I can answer this one You paste tls-crypt.key there only. I believe "ta.key" (ca.key?) is pasted in the certificate section. You might have to do some trial and error but when it's connected, it should look like this: BTW, off topic: a few custom directives needs to be removed if you use the config generator file: dev tun route-delay 5 if you follow the guide, you won't need to worry about them. Edited ... by Polius Quote Share this post Link to post
Polius 1 Posted ... (edited) You don't need to follow the whole guide if your network is simple like mine is. You only need to follow the "Create and configure the VPN client" section. And maybe DNS resolver and make your own firewall rules. A simpler guide if you search "pfsense nordvpn" I use them both actually; the openvpn client section you have to follow nguvu though, but the above link will save you a lot of time! I used to use Nord, but of course, now I know that airvpn service is so much better. GL Edited ... by Polius Quote Share this post Link to post
bobsnail 0 Posted ... Polius, thanks for taking the time to reply. ive had AirVPN working over PfSense since i joined in 2016 but its always been a battle with each config change. Actually the nordVPN (and the ExpressVPN) instructions are very similar to each other, so i know getting it working should be much simpler than the AirVPN guide. know them off by heart lol (apprecaite theres differences like you dont need to provide account details with AirVPN etc) Ive atually made a bit of progress i changed the config files and that made a difference (no idea why as the server Nashira was up and working in Eddie and i checked the Certs and keys several times but switched to NAOS helped). Tunnel is now up, but when i go to IPleak.net my DNS is over AirVPN now, but my main traffic isnt lol. I know its something ive done wrong, im figuring its NAT related, but checked them (and the firewall rules) several times over a coulpe of days now). Its driving me crazy. I shall keep plodding along... it will probally work eventually... just bored of this battle every time Quote Share this post Link to post