Jump to content
Not connected, Your IP: 3.135.220.239

go558a83nk

Members2
  • Content Count

    2136
  • Joined

    ...
  • Last visited

    ...
  • Days Won

    39

Everything posted by go558a83nk

  1. well, back when wireguard first came out as a package for pfsense I happened upon a youtube video from, I think, the guy who made the wireguard package while browsing the pfsense subreddit. but now when I search it's difficult to find that particular video. Sorry I can't be more help.
  2. Set it to exclusive, of course. But also check that your browser isn't using some built in "secure dns" which would be encrypted and thus bypass AirVPN's DNS.
  3. you need to use your devices page to make another device. download a new config for that new device. then when setting up the interface you'll need to change the net mask to /32 so that the two devices don't overlap IP range. https://airvpn.org/devices/
  4. I've always had good luck using "mssfix 0" actually. And Also setting tun-mtu to something crazy high so the virtual adapter isn't a bottleneck.
  5. setting the buffers to "0" just means the default for the OS, doesn't it? I'm thinking it needs to be bigger, not the default. Also, you might try messing with MTU/MSS stuff.
  6. and I wouldn't have even known that since I don't think I've ever seen that in pfsense
  7. you need to use iptables to create the proper rules on the asus router. see the following post.
  8. I'm pretty sure I followed a guide back when I first started using wireguard on pfsense...a guide made by the guy that made the wireguard add-on package. Anyway, I have gateway address set to the same as interface address. When creating the interface I have to put in the internal IP that's given to me in the config and the same one goes in the gateway.
  9. If I recall correctly the interface must be setup manually *and* then the gateway. So, no, it doesn't appear automatically.
  10. there may not be very many people here that run opnsense. I wish I could help but I'm still using pfsense.
  11. It seems that setting the mss and mtu for wireguard to the same value is the trick for many people
  12. I am concerned that with this matter the network lock isn't really working and that's why the OP gets leaks. (or maybe the OP wasn't using network lock traditionally?) You see, if network lock rules are created based on the wrong interface/network adapter (i.e. traffic can go through only the wrong adapter and no other) then it seems network lock and its rules will do no good anyway.
  13. Only reason I can think of is for DNS resolution when not connected to the VPN or if you decide to have devices not routed through the VPN.
  14. No, I didn't know that existed. I'll have to check it out when I get a chance.
  15. With wireguard on pfsense setting each wireguard interface I create to 1420 MTU and MSS seems to result in no problems and good performance.
  16. simply just outdated geolocation databases cause errors like this. When I trace to the IP, I can see that it's in Brussels or nearby that, although there is a PTR error at line 14 because it claims to be in Los Angeles. |------------------------------------------------------------------------------------------| | WinMTR statistics | | Host - % | Sent | Recv | Best | Avrg | Wrst | Last | |------------------------------------------------|------|------|------|------|------|------| | 10.128.0.1 - 0 | 4 | 4 | 7 | 7 | 8 | 7 | | 23.103.107.254 - 0 | 4 | 4 | 8 | 8 | 8 | 8 | | Request timed out. - 100 | 1 | 0 | 0 | 0 | 0 | 0 | | be2978.ccr41.dfw03.atlas.cogentco.com - 0 | 4 | 4 | 8 | 8 | 8 | 8 | | be2763.ccr31.dfw01.atlas.cogentco.com - 0 | 4 | 4 | 8 | 8 | 9 | 9 | | be2432.ccr21.mci01.atlas.cogentco.com - 0 | 4 | 4 | 18 | 39 | 62 | 60 | | be2831.ccr41.ord01.atlas.cogentco.com - 0 | 4 | 4 | 30 | 30 | 30 | 30 | | be2717.ccr21.cle04.atlas.cogentco.com - 0 | 4 | 4 | 121 | 121 | 122 | 121 | | be2889.ccr41.jfk02.atlas.cogentco.com - 0 | 4 | 4 | 124 | 124 | 125 | 125 | | be2317.ccr41.lon13.atlas.cogentco.com - 0 | 4 | 4 | 123 | 124 | 127 | 123 | | be12194.ccr41.ams03.atlas.cogentco.com - 0 | 4 | 4 | 123 | 123 | 124 | 123 | | be3676.rcr21.bru01.atlas.cogentco.com - 0 | 4 | 4 | 124 | 127 | 135 | 124 | | 149.11.170.218 - 0 | 4 | 4 | 119 | 120 | 124 | 119 | | vlan2909.as02.lax1.us.m247.com - 0 | 4 | 4 | 131 | 133 | 139 | 131 | | vlan2911.as01.bru1.be.m247.com - 0 | 4 | 4 | 120 | 120 | 120 | 120 | | 155.251.187.194.in-addr.arpa - 0 | 4 | 4 | 119 | 119 | 120 | 119 | |________________________________________________|______|______|______|______|______|______| WinMTR v1.00 GPLv2 (original by Appnor MSP - Fully Managed Hosting & Cloud Provider)
  17. https://www.gl-inet.com/products/gl-ax1800/ look into that. it'll run wireguard plenty fast.
  18. Why not just try it and come tell us. If the router supports wireguard, it supports wireguard.
  19. I've used /32 for multiple pfsense clients and it works fine. Not sure why /10 is in the configs.
  20. Just type "ifconfig" at the ssh command line to see a list of the network interfaces to see which one your openvpn client is using. Your port forwarding rules don't seem to be following this guide. XXXXX isn't a port and the to-destination IP is just an IP not IP and port like you have it. If you change XXXXX to 32400 things will probably work since that's plex's default port.
  21. It looks like this is a case of them blocking IP addresses they don't want accessing their server.
  22. sorry, which seedbox company is this referring to?
  23. re the openvpn setup 1) set accept DNS configuration to something like yes or exclusive. that way you use AirVPN DNS. 2) AirVPN does not use compression so the two different compression settings you're using need to be gone. 3) I don't see anywhere that you're choosing the auth digest algorithm. Is there another openvpn config page we're not seeing? If you're using a tls-crypt config then you need to choose something different at "tls control channel security" and use sha512 for auth digest algorithm. If using only tls-auth config then you have tls control channel security correct but auth digest is sha1. 3) I don't think your policy routing rule is correct but I've never used that OS. It looks like you'd need to enable it at least.
  24. ah, yeah. just change the net mask to 32 instead of 10. it worked for me on pfsense.
  25. Please make sure everything is going through the VPN. Without Eddie's windows filtering platform rules you have more potential for leaks.
×
×
  • Create New...