Jump to content
Not connected, Your IP: 3.233.224.8
pfSense_fan

How To Set Up pfSense 2.3 for AirVPN

Recommended Posts

13 hours ago, joebywan said:
Thanks for that, worked.

What's the DNS server we're supposed to be using?  Status>OpenVPN says it's up, but I can't do the dnslookup to airvpn.org

10.4.0.1 is the DNS but I can't get dns resolver or forwarder to use that and it's especially a pain if you have policy routing - some clients using the VPN and others not.

What I do is turn off resolver and forwarder in pfsense and use DHCP to assign the DNS I want to use to clients.

I use firewall rules to enforce that clients use the DNS I want them to use.

Share this post


Link to post

if you want to use 10.4.0.1 you have to do a manual route in your ovpn config


pfsense is bsd and there is a DNS push in the config not possible to use

i use it for
10.4.0.1
10.50.1
10.6.0.1
10.7.0.1
 

Share this post


Link to post
5 hours ago, Wolke68 said:

if you want to use 10.4.0.1 you have to do a manual route in your ovpn config


pfsense is bsd and there is a DNS push in the config not possible to use

i use it for
10.4.0.1
10.50.1
10.6.0.1
10.7.0.1
 

Could you elaborate on how to do this please?  Bit of a noob here. 

Shouldn't it be covered by step 6-D in the guide "Step 6-D: First AirVPN_LAN Firewall Rule "AirVPN LAN DNS REDIRECT""??
 

Share this post


Link to post

add this in your openvpn config


route 10.4.0.0 255.255.255.0;


set 10.4.0.1 DNS for DNS Server Settings
Nothing else to change.
If you want to look at the routing table in pfsense if the route 10.4.0.0 is set to your AirVPN internal IP
 

Share this post


Link to post
6 hours ago, Wolke68 said:

add this in your openvpn config


route 10.4.0.0 255.255.255.0;


set 10.4.0.1 DNS for DNS Server Settings
Nothing else to change.
If you want to look at the routing table in pfsense if the route 10.4.0.0 is set to your AirVPN internal IP
 

So in System/General Setup if I setup 10.4.0.1 set to the vpn wan gateway, it won't automatically setup a route?

When you say put it in the config, I'm assuming I can just put it in the custom settings text box at the bottom?

Share this post


Link to post

in my tests it is not enough the route from the DNS 
if you test in pfsense the dns question you get no answers
with this extra route it is ok
 

Share this post


Link to post
13 hours ago, Wolke68 said:

in my tests it is not enough the route from the DNS 
if you test in pfsense the dns question you get no answers
with this extra route it is ok
 

It worked, thanks!

Share this post


Link to post

Has any one stated having issues in the last few days with this setup, I have been running this setup for about 2 years and had no issues up until last night.. 
Now I am getting this error when I try to connect.. anyone else or is it just me :P
 

Sep 25 04:26:54 openvpn 25923 [UNDEF] Inactivity timeout (--ping-restart), restarting
Sep 25 04:26:54 openvpn 25923 TCP/UDP: Closing socket
Sep 25 04:26:54 openvpn 25923 SIGUSR1[soft,ping-restart] received, process restarting
Sep 25 04:26:54 openvpn 25923 Restart pause, 10 second(s)


UPDATE : :  found out my ISP was Blocking port 443 to vpn servers.. updated to a new IP good to go. 

Share this post


Link to post

Was working fine then nothing changed on my end I started getting these log entries and the vpn's not coming up.

Oct 7 15:12:25 openvpn 20222 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Oct 7 15:12:25 openvpn 20222 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 7 15:12:25 openvpn 20222 TCP/UDP: Preserving recently used remote address: [AF_INET]184.75.221.178:443
Oct 7 15:12:25 openvpn 20222 Socket Buffers: R=[42080->42080] S=[57344->57344]
Oct 7 15:12:25 openvpn 20222 UDPv4 link local (bound): [AF_INET]192.168.0.3:0
Oct 7 15:12:25 openvpn 20222 UDPv4 link remote: [AF_INET]184.75.221.178:443
Oct 7 15:13:25 openvpn 20222 [UNDEF] Inactivity timeout (--ping-restart), restarting
Oct 7 15:13:25 openvpn 20222 SIGUSR1[soft,ping-restart] received, process restarting
Oct 7 15:13:25 openvpn 20222 Restart pause, 300 second(s)
Oct 7 15:13:32 openvpn 20222 MANAGEMENT: Client connected from /var/etc/openvpn/client1.sock
Oct 7 15:13:32 openvpn 20222 MANAGEMENT: CMD 'state 1'
Oct 7 15:13:32 openvpn 20222 MANAGEMENT: Client disconnected

Any ideas on how to get it going again?

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...