Jump to content
Not connected, Your IP: 3.80.6.131
pfSense_fan

How To Set Up pfSense 2.3 for AirVPN

Recommended Posts

Here's a generic working setup I made:

DNS resolver:
dns-resolver.png

General Settings> DNS Server
dns-server.png

Firewall Rules:

firewall.png

Firewall>NAT:

Nat.png

custom directives:
client;
persist-key;
persist-tun;
remote-cert-tls server;
prng sha512 64;
mlock;
auth-nocache

hope it helps :)

ps.
if you wonder why I use my vpn gateway address for dns server, check out https://airvpn.org/specs/ under VPN DNS server. It also kind of explains why AirVPN does not support DNSSEC https://airvpn.org/forums/topic/852-airvpn-does-not-recognize-icann-authority-anymore/


You could also use 10.4.0.1 instead

Share this post


Link to post

Polius, many thanks again for taking the time.  I notice some of your settings are very different to the main guide, i tried them again anyway and it made dramatically little difference (VPN was up, DNS was fine, main traffic visible).  I am at the point now where i have invested a couple of days resetting to defaults and making little progress.

I know this works, ive had it working before, but just cant fathom it this time. 

I took out a trial account with another provider and it worked first time (didnt even need to use the guide),  switched the certs, server details and TLS key over to Air and it dies.

Think i need a break from this now.  Will have another go next weekend becuase i love AIRVPN, the speeds, the fact it is one of the only providers with a support forum in the memeber area, and i trust them.  But if i cant work it out, then at least i have options to keep my server online.

Cheers anyway

Share this post


Link to post
On 11/14/2020 at 5:11 PM, bobsnail said:

Polius, many thanks again for taking the time.  I notice some of your settings are very different to the main guide, i tried them again anyway and it made dramatically little difference (VPN was up, DNS was fine, main traffic visible).  I am at the point now where i have invested a couple of days resetting to defaults and making little progress.

I know this works, ive had it working before, but just cant fathom it this time. 

I took out a trial account with another provider and it worked first time (didnt even need to use the guide),  switched the certs, server details and TLS key over to Air and it dies.

Think i need a break from this now.  Will have another go next weekend becuase i love AIRVPN, the speeds, the fact it is one of the only providers with a support forum in the memeber area, and i trust them.  But if i cant work it out, then at least i have options to keep my server online.

Cheers anyway

Hi Bob,

Understood. You should take a break if it still doesn't work out. I myself have spent a lot of time trying to make it work too and understand the frustration completely.

cheers!

Share this post


Link to post

Can you post a screenshot of your outbound NAT configuration? It definitely sounds like your LAN is not routing through the tunnel, but since the tunnel is up, it can utilize the DNS for AirVPN as you likely configured that on the DNS Resolver settings, without routing your traffic through it. Also, a screenshot of your routing/gateways setup. You can obscure the IP's for this one if needed. I just need to see if they're setup properly.

Share this post


Link to post

Is anyone running pfsense 2.5.0? I've just upgraded to the latest build and it's broke my VPN connection to Air after it being sucessful for months. I have tried the guide mentioned a few posts back and put the same settings but some of the options have changed.

Cheers

Share this post


Link to post

This Thread is a few years old but if  you try like ngu (link on the First Site) Even 2.5.0 run
 

Share this post


Link to post
5 hours ago, Wolke68 said:

This Thread is a few years old but if  you try like ngu (link on the First Site) Even 2.5.0 run
 


Thanks Wolke

I did follow the guide but some settings differ now. I have it working though after deleting the client and putting the details back in.

Share this post


Link to post

I think Start your own thread with your logs and tell  wich kind of problem there is and which howto you follow  

without any logs nobody can see anything 

I am on 2.5 and all is good ( Most times) 😆


 

Share this post


Link to post
On 12/5/2020 at 6:10 PM, Wolke68 said:

I think Start your own thread with your logs and tell  wich kind of problem there is and which howto you follow  

without any logs nobody can see anything 

I am on 2.5 and all is good ( Most times) 😆


 

Would you mind telling me what Data Encryption Algorithms and Auth digest algorithm yours is set at? I have mine on AES-256-GMC but cannot set it to anything above SHA1. It just will not connect.

Cheers

Share this post


Link to post
10 minutes ago, rob77 said:
Would you mind telling me what Data Encryption Algorithms and Auth digest algorithm yours is set at? I have mine on AES-256-GMC but cannot set it to anything above SHA1. It just will not connect.

Cheers

sha1 is what you use with entry IP 1 and 2. sha512 (and tls encryption and authorization) is used for entry IP 3 and 4 configs.

Share this post


Link to post
1 hour ago, go558a83nk said:

sha1 is what you use with entry IP 1 and 2. sha512 (and tls encryption and authorization) is used for entry IP 3 and 4 configs.

Thanks. I had been downloading the wrong config, changed and all working now per the guide :)

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...