Jump to content
Not connected, Your IP: 54.210.85.205

Recommended Posts

Hi,

 

I'm hoping some king person could help with setting airvpn up on pfsense 2.3.3.

 

I've got a 3 month subscription after reading about airvpn and reading the set up guide for pfsense, I have some experiance of pfsense due to me using it for over a year with another vpn service.

 

The guide I am using is this one because I only have to network interfaces, nothing fancy !

 

https://airvpn.org/topic/17444-how-to-set-up-pfsense-23-for-airvpn/

 

However, I have tried twice from a fresh install and once from a default reset, following the latest guide but I get no connection through airvpn.

 

My set up is pretty simple, a ppoe from a router in bridge mode, I can use either a netgear, a tplink or my isp supplied one, setting up a simple pppoe in pfsense works fine no problems regardless of the modem bridge so thats not ths issue, this then feeds pfsense built on a gigabyte Intel® Celeron® CPU N3050 @ 1.60GHz board. I only have dsl not cable.

 

I generated the nessasary files for my connection in my account and made sure I have the certs in the right places, in fact I followed the guide to the letter, after a reboot the internet stops. The only thing I notice that seems odd is after setting up pfsense, I have only one gateway, the wan one, no vpn gateway ?

 

Either I am going crazy and messing up or something just isnt working as it should on my pfsense system, to post this I had to revert to my other vpn settings :-(

 

So has anyone got this working on the 2.3.3 version of pfsense ? I ask because way back there was changes on how a vpn was set up and I wonder if this version also has something different since the guide was produced

 

 

Thanks.

 

 

 

Share this post


Link to post

Sorted it by resetting pfsense to defaults and setting up the CA, CERT and Client and Interfaces, gateway and outbound nat didnt set up the firewall rules as I wanted a basic setup, then rebooted pfsense and confirmed I was actualy on airvpn.

 

I guess somewhere I messed up with the rules somewhere because the three times I tried setting this up I had no internet access but pfsense showed there was a update ? Anyway I have backed up the config and will work through the rules carefully.

 

--

Share this post


Link to post

I am in the same boat as you. PPPOE. It says I am connected, and I am getting an IP address but no pages are getting pulled.

 

Anything specific you think I should look at ?

Sorted it by resetting pfsense to defaults and setting up the CA, CERT and Client and Interfaces, gateway and outbound nat didnt set up the firewall rules as I wanted a basic setup, then rebooted pfsense and confirmed I was actualy on airvpn.

 

I guess somewhere I messed up with the rules somewhere because the three times I tried setting this up I had no internet access but pfsense showed there was a update ? Anyway I have backed up the config and will work through the rules carefully.

 

--

Share this post


Link to post

First off, I'm sorry I didn’t pick up on your post sooner.

 

My first instance trying to set up airvpn following the guide was a complete muck up, second attempt was ok, the interfaces showed as connected but I couldn’t pull any webpages, third attempt was the same so I did a restore to defaults and started again but only created the CA, CERT and Client and Interfaces, gateway and outbound nat, ( in a similar was to what I had used for my other simpler vpn service as that is what I understood )

 

Again it looked like I was online but I failed to pull webpages, the pfsense updater did work and found a new update, very odd, if I remember this correctly I had the NAT /OUTbound bonded to the wrong interface, setting it to the airvpn interface fixed it but I had to restart the vpn service.

 

I would have expected this to cause a non vpn connection at the least but not in this case, dont understand that.

 

 

 

 

 

--

Share this post


Link to post

I'm in the same boat, I've tried getting pFsense and now OPNsense configured but I have had zero success getting this going.  

Share this post


Link to post

If your following pf-fans excellent guide here :

 

https://airvpn.org/topic/17444-how-to-set-up-pfsense-23-for-airvpn/

 

Then do steps 1 to 6 , that should be enough to get you online and on the vpn, pay close attention to each step regarding entering the certs and section 6, that part can cause trouble if not done in the correct way.

 

This is exactly the way I did it BUT I skipped the rules and tweaks after section 6 to simplify things. Read through each step carefully.

 

I in no way endorse skipping the rules, they are done for a reason after some long and tedious study but each set up is different, for simplicity I skipped creating them to get the vpn up and running then created my own rules as needed.

 

( In fact its not much different from setting up piavpn if you have used that but instead of entering a plain text user-name and password you use a static key so if you get stuck have a read of setting that up and compare that to pf_fans guide to get a bearing on the basics )

 

I would attach images of my pfsense but every image server I have tried is blocking the vpn !  I took screen shots of almost every page after I got pfsense working, for future reference but there are actual screen shots on other pfsense guides, be aware that some are way out of date and wont apply to the latest version of pfsense.

 

--

Share this post


Link to post

I was actually using that guide and somewhere around 70-80% of the way through my internet dropped and even though i went through everything 3 times I could not connect.  At the end I had to restore OPNsense back to the state just before i made changes.  The guide was very well written and although not a 1::1 guide for OPNSense I was able to find the equivalent (typically just in a different area).  But I made enough mistakes I may have missed one or two of them.  I'll give it another try and just do it to step #6 and see how it goes. 

 

Have you tried http://prnt.sc/?

Share this post


Link to post

From memory my 2nd or 3rd attempt failed when I deleted the default LAN rule to allow all.

 

The next attempt i decided to keep that rule but disable it, made some of my own rules, the default rule is still there but disabled, I use it to debug.

 

 

Thanks for the link to prnt.sc, when I add a link to a test image there the forum throws a fit:

 

''You are not allowed to use that image extension on this community.''

 

pfft !

Share this post


Link to post

If your following pf-fans excellent guide here :

 

https://airvpn.org/topic/17444-how-to-set-up-pfsense-23-for-airvpn/

 

Then do steps 1 to 6 , that should be enough to get you online and on the vpn, pay close attention to each step regarding entering the certs and section 6, that part can cause trouble if not done in the correct way.

 

This is exactly the way I did it BUT I skipped the rules and tweaks after section 6 to simplify things. Read through each step carefully.

 

I in no way endorse skipping the rules, they are done for a reason after some long and tedious study but each set up is different, for simplicity I skipped creating them to get the vpn up and running then created my own rules as needed.

 

 

The tick box for the negate rules should not be skipped. It literally makes your ip leak if a vpn goes down by redirecting rules/gateways

 

With Multi-WAN it is generally desired to ensure traffic reaches directly connected networks and VPN networks when using policy routing. This can be disabled for special purposes but it requires manually creating rules for these networks.

 

We want it to only use our manually created rules, causing the connection to drop if the vpn goes down.

 

I wish more people would ask questions and discuss this in the main post. The whole community would benefit from the open discussion.


Have my guides helped you? Help me keep helping you, use my referral: userbar.png

How to set up pfSense 2.3 for AirVPN

Friends don't let friends use consumer networking equipment!

Share this post


Link to post

 

If your following pf-fans excellent guide here :

 

https://airvpn.org/topic/17444-how-to-set-up-pfsense-23-for-airvpn/

 

Then do steps 1 to 6 , that should be enough to get you online and on the vpn, pay close attention to each step regarding entering the certs and section 6, that part can cause trouble if not done in the correct way.

 

This is exactly the way I did it BUT I skipped the rules and tweaks after section 6 to simplify things. Read through each step carefully.

 

I in no way endorse skipping the rules, they are done for a reason after some long and tedious study but each set up is different, for simplicity I skipped creating them to get the vpn up and running then created my own rules as needed.

 

 

The tick box for the negate rules should not be skipped. It literally makes your ip leak if a vpn goes down by redirecting rules/gateways

 

>With Multi-WAN it is generally desired to ensure traffic reaches directly connected networks and VPN networks when using policy routing. This can be disabled for special purposes but it requires manually creating rules for these networks.

 

We want it to only use our manually created rules, causing the connection to drop if the vpn goes down.

 

I wish more people would ask questions and discuss this in the main post. The whole community would benefit from the open discussion.

 

 

I didn’t start this thread, just answered it to the best of my limited ability, I agree this should be in the main thread.

 

I did say I don’t endorse skipping rules, you put a lot of effort into your guide and I like many people are very grateful, without it I doubt I would be online now.

 

I note your point about negate rules but I have a wan_egress floating rule, its a remnant from using another vpn service where the guides where far less informative and being a bit green behind the ears I thought it was a good way to kill traffic if the vpn goes down, that’s just me and I made no mention of it here in case it was bad practice.

 

The idea behind my replying to this post was to not only answer my own post but to reply to someone else who had trouble setting up pfsense, my thinking is during initial setup it may help to get the vpn up and then once proven, move right on to the rules and tweaks, I should have made that more clear.

 

--

Share this post


Link to post

 

 

 

The tick box for the negate rules should not be skipped. It literally makes your ip leak if a vpn goes down by redirecting rules/gateways

 

 

We want it to only use our manually created rules, causing the connection to drop if the vpn goes down.

 

I wish more people would ask questions and discuss this in the main post. The whole community would benefit from the open discussion.

 

I didn’t start this thread, just answered it to the best of my limited ability, I agree this should be in the main thread.

 

I did say I don’t endorse skipping rules, you put a lot of effort into your guide and I like many people are very grateful, without it I doubt I would be online now.

 

I note your point about negate rules but I have a wan_egress floating rule, its a remnant from using another vpn service where the guides where far less informative and being a bit green behind the ears I thought it was a good way to kill traffic if the vpn goes down, that’s just me and I made no mention of it here in case it was bad practice.

 

The idea behind my replying to this post was to not only answer my own post but to reply to someone else who had trouble setting up pfsense, my thinking is during initial setup it may help to get the vpn up and then once proven, move right on to the rules and tweaks, I should have made that more clear.

 

--

 

 

 

Quite the opposite, an egress rule is a great practice. I never got around to playing around with it. If you care to share what you did in a PM, perhaps I can add it to the guide.

 

No offense was taken and I never said i was accusing you of such comments... i just "think out loud".

 

Also, the nguvu guide and mine are a collective effort, so yes it is good info too. My personal setup is similar to that guide.


Have my guides helped you? Help me keep helping you, use my referral: userbar.png

How to set up pfSense 2.3 for AirVPN

Friends don't let friends use consumer networking equipment!

Share this post


Link to post

Long time Member for AIRVPN.

Also now Using Air via the PFSense as per above.


Be sure to Set "DNS Servers" for AirVPN in your "General Setup" once the tunnel is up, after a short period of time, your DNS Will start to Resolve Sites.

Be sure your NAT & Rules are Configured correctly.



Thanks

Share this post


Link to post

Long time Member for AIRVPN.

 

Also now Using Air via the PFSense as per above.

 

 

Be sure to Set "DNS Servers" for AirVPN in your "General Setup" once the tunnel is up, after a short period of time, your DNS Will start to Resolve Sites.

 

Be sure your NAT & Rules are Configured correctly.

 

 

 

Thanks

 

I started over with a fresh install of pfsense and swapped opendns to airvpn dns, so far everything seems to be working. I also added pfblockerNG, rather spiffy but well worth the effort.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...