Polius 1 Posted ... Here's a generic working setup I made: DNS resolver: General Settings> DNS Server Firewall Rules: Firewall>NAT: custom directives: client; persist-key; persist-tun; remote-cert-tls server; prng sha512 64; mlock; auth-nocache hope it helps ps. if you wonder why I use my vpn gateway address for dns server, check out https://airvpn.org/specs/ under VPN DNS server. It also kind of explains why AirVPN does not support DNSSEC https://airvpn.org/forums/topic/852-airvpn-does-not-recognize-icann-authority-anymore/ You could also use 10.4.0.1 instead Quote Share this post Link to post
bobsnail 0 Posted ... Polius, many thanks again for taking the time. I notice some of your settings are very different to the main guide, i tried them again anyway and it made dramatically little difference (VPN was up, DNS was fine, main traffic visible). I am at the point now where i have invested a couple of days resetting to defaults and making little progress. I know this works, ive had it working before, but just cant fathom it this time. I took out a trial account with another provider and it worked first time (didnt even need to use the guide), switched the certs, server details and TLS key over to Air and it dies. Think i need a break from this now. Will have another go next weekend becuase i love AIRVPN, the speeds, the fact it is one of the only providers with a support forum in the memeber area, and i trust them. But if i cant work it out, then at least i have options to keep my server online. Cheers anyway Quote Share this post Link to post
Polius 1 Posted ... On 11/14/2020 at 5:11 PM, bobsnail said: Polius, many thanks again for taking the time. I notice some of your settings are very different to the main guide, i tried them again anyway and it made dramatically little difference (VPN was up, DNS was fine, main traffic visible). I am at the point now where i have invested a couple of days resetting to defaults and making little progress. I know this works, ive had it working before, but just cant fathom it this time. I took out a trial account with another provider and it worked first time (didnt even need to use the guide), switched the certs, server details and TLS key over to Air and it dies. Think i need a break from this now. Will have another go next weekend becuase i love AIRVPN, the speeds, the fact it is one of the only providers with a support forum in the memeber area, and i trust them. But if i cant work it out, then at least i have options to keep my server online. Cheers anyway Hi Bob, Understood. You should take a break if it still doesn't work out. I myself have spent a lot of time trying to make it work too and understand the frustration completely. cheers! Quote Share this post Link to post
SumRndmDude 21 Posted ... Can you post a screenshot of your outbound NAT configuration? It definitely sounds like your LAN is not routing through the tunnel, but since the tunnel is up, it can utilize the DNS for AirVPN as you likely configured that on the DNS Resolver settings, without routing your traffic through it. Also, a screenshot of your routing/gateways setup. You can obscure the IP's for this one if needed. I just need to see if they're setup properly. Quote Share this post Link to post
rob77 0 Posted ... Is anyone running pfsense 2.5.0? I've just upgraded to the latest build and it's broke my VPN connection to Air after it being sucessful for months. I have tried the guide mentioned a few posts back and put the same settings but some of the options have changed. Cheers Quote Share this post Link to post
Wolke68 3 Posted ... This Thread is a few years old but if you try like ngu (link on the First Site) Even 2.5.0 run Quote Share this post Link to post
rob77 0 Posted ... 5 hours ago, Wolke68 said: This Thread is a few years old but if you try like ngu (link on the First Site) Even 2.5.0 run Thanks Wolke I did follow the guide but some settings differ now. I have it working though after deleting the client and putting the details back in. Quote Share this post Link to post
Wolke68 3 Posted ... I think Start your own thread with your logs and tell wich kind of problem there is and which howto you follow without any logs nobody can see anything I am on 2.5 and all is good ( Most times) 😆 Quote Share this post Link to post
rob77 0 Posted ... On 12/5/2020 at 6:10 PM, Wolke68 said: I think Start your own thread with your logs and tell wich kind of problem there is and which howto you follow without any logs nobody can see anything I am on 2.5 and all is good ( Most times) 😆 Would you mind telling me what Data Encryption Algorithms and Auth digest algorithm yours is set at? I have mine on AES-256-GMC but cannot set it to anything above SHA1. It just will not connect. Cheers Quote Share this post Link to post
go558a83nk 310 Posted ... 10 minutes ago, rob77 said: Would you mind telling me what Data Encryption Algorithms and Auth digest algorithm yours is set at? I have mine on AES-256-GMC but cannot set it to anything above SHA1. It just will not connect. Cheers sha1 is what you use with entry IP 1 and 2. sha512 (and tls encryption and authorization) is used for entry IP 3 and 4 configs. Quote Share this post Link to post
rob77 0 Posted ... 1 hour ago, go558a83nk said: sha1 is what you use with entry IP 1 and 2. sha512 (and tls encryption and authorization) is used for entry IP 3 and 4 configs. Thanks. I had been downloading the wrong config, changed and all working now per the guide Quote Share this post Link to post