tuxornot

I think that name came from the set up the guide was based on, mines just called WAN.

I have my pfsense airvpn working, i'm on 2.3.3 and I am pretty sure some things are a bit odd with this version because no matter how many times I follow the guide I end up with no dns ! I did try with Ver 2.3.2 and it works, but 2.3.3, nope. ( I test things like this because I'm a nut ) I do part of my setup after install on a monitor connected to the pfsense box, I have a ppoe to a bridge modem so I set that up along with the lan address and range / subset, then go to a pc and access the admin page and carry on from there, it gets interesting because my set up throws the guide out of step. Anyway I can get the vpn up doing the CA, Cert, Interface and setting the airvpn wan as the gateway in the default lan rule, thats easy, then I do the rest but when I step 8A-1 DNS server and tick everything under DNSSEC then I loose ability to pull websites, so I don’t tick them and leave it at that. Another issue to compound an already confused pfsense user, using the guide's rule for DNS server redirect seems to stop pfblocker running the DNSBL, every works fine but that doesn’t run, it wont even load a rule, five installs using different images and usb sticks to a SSD and I cant get it going, however, leave the rules out, including the alias's and use the default lan rule and DNSSEC runs fine, this may just affect me for some reason, I dunno. Of course given my limited understanding i would rather have dns locked down and use the firewall rules in the guide, just have pfblockerNG do the IPV4 filtering, leaving the privacy and easy list stuff to plugins in the browser until I can find or work out a fix.

The tick box for the negate rules should not be skipped. It literally makes your ip leak if a vpn goes down by redirecting rules/gateways We want it to only use our manually created rules, causing the connection to drop if the vpn goes down. I wish more people would ask questions and discuss this in the main post. The whole community would benefit from the open discussion. I didn’t start this thread, just answered it to the best of my limited ability, I agree this should be in the main thread. I did say I don’t endorse skipping rules, you put a lot of effort into your guide and I like many people are very grateful, without it I doubt I would be online now. I note your point about negate rules but I have a wan_egress floating rule, its a remnant from using another vpn service where the guides where far less informative and being a bit green behind the ears I thought it was a good way to kill traffic if the vpn goes down, that’s just me and I made no mention of it here in case it was bad practice. The idea behind my replying to this post was to not only answer my own post but to reply to someone else who had trouble setting up pfsense, my thinking is during initial setup it may help to get the vpn up and then once proven, move right on to the rules and tweaks, I should have made that more clear. --

From memory my 2nd or 3rd attempt failed when I deleted the default LAN rule to allow all. The next attempt i decided to keep that rule but disable it, made some of my own rules, the default rule is still there but disabled, I use it to debug. Thanks for the link to prnt.sc, when I add a link to a test image there the forum throws a fit: ''You are not allowed to use that image extension on this community.'' pfft !

If I read this correctly you have a non vpn lan to the netgear/modem Then you have a vpn lan ( vpn set up in the Asus ) then that goes to the netgear/modem. You cant access the printer. Could it be that you have dhcp running on BOTH routers ? if so you should have one issuing the addresses EG the netgear. just asking out of interest. Edit 1: Could it be you had the printer on a different IP /subset than you use now with your new set up ? check it and make sure its the same LAN subset as the rest of your network, if you have moved your network around its easy to slip up and miss something as simple as that. Edit 2: After some thought it, normal it may be better to put the netgear in bridge mode if you need an dsl modem, then set up the asus as the vpn. Shove everything into the Asus and set up a rule to pass the tivo/netflix to the wan, bypassing the vpn, this can be done in the asus, I had it working this way before I used a pfsense router. 4 lan ports on the asus take care of your tv device, computer 1, computer 2 and printer use the asus WAN to connect to the netgear thats in bridge mode, if you wanted to extend the asus LAN, use a simple switch. I feel your pain, I too have a wife who can issue some cold hard stares and the odd bit of under the breath mumbling :-) --

If your following pf-fans excellent guide here : https://airvpn.org/topic/17444-how-to-set-up-pfsense-23-for-airvpn/ Then do steps 1 to 6 , that should be enough to get you online and on the vpn, pay close attention to each step regarding entering the certs and section 6, that part can cause trouble if not done in the correct way. This is exactly the way I did it BUT I skipped the rules and tweaks after section 6 to simplify things. Read through each step carefully. I in no way endorse skipping the rules, they are done for a reason after some long and tedious study but each set up is different, for simplicity I skipped creating them to get the vpn up and running then created my own rules as needed. ( In fact its not much different from setting up piavpn if you have used that but instead of entering a plain text user-name and password you use a static key so if you get stuck have a read of setting that up and compare that to pf_fans guide to get a bearing on the basics ) I would attach images of my pfsense but every image server I have tried is blocking the vpn ! I took screen shots of almost every page after I got pfsense working, for future reference but there are actual screen shots on other pfsense guides, be aware that some are way out of date and wont apply to the latest version of pfsense. --

Just adding to my suggestions regarding suspected wifi issues, first thing is to try a wired connection, if the problem still happens then its not the wifi as its been removed from the loop so to speak. I would then do a simple download test while not connected to any vpn but don’t put yourself at risk :-) Then try the vpn, use a different vpn server, if it still happens it could be your ISP service, if everything seems fine then try wifi again, move channels to see if it helps, bear in mind wifi is more like magic than science sometimes. All this testing can be a pain the rear but its necessary to spend time eliminating the most common causes mentioned here before looking at ISP or other possible problems, my experience of ISP support usually goes like this: vpn ? .... wazzat ? pfsense ?.... wazzat ? latency ?.....wazzat ? So I always do my part first with simple tests, it make my life easier ! -- --

If this is you state, over wifi then the problem could be anything from interference to a failing router/ access point, heck with wifi it could even be the way the wind blows :-p What router or access point as you using ? how old is it ? Redo the test over a wire lan connection if you can to compare wired to wifi. Thing to try: Change wifi channel Change channel bandwith from 20 to 40 to test Do not adjust any other settings and reboot your router / access point and try again -

First off, I'm sorry I didn’t pick up on your post sooner. My first instance trying to set up airvpn following the guide was a complete muck up, second attempt was ok, the interfaces showed as connected but I couldn’t pull any webpages, third attempt was the same so I did a restore to defaults and started again but only created the CA, CERT and Client and Interfaces, gateway and outbound nat, ( in a similar was to what I had used for my other simpler vpn service as that is what I understood ) Again it looked like I was online but I failed to pull webpages, the pfsense updater did work and found a new update, very odd, if I remember this correctly I had the NAT /OUTbound bonded to the wrong interface, setting it to the airvpn interface fixed it but I had to restart the vpn service. I would have expected this to cause a non vpn connection at the least but not in this case, dont understand that. --

Sorted it by resetting pfsense to defaults and setting up the CA, CERT and Client and Interfaces, gateway and outbound nat didnt set up the firewall rules as I wanted a basic setup, then rebooted pfsense and confirmed I was actualy on airvpn. I guess somewhere I messed up with the rules somewhere because the three times I tried setting this up I had no internet access but pfsense showed there was a update ? Anyway I have backed up the config and will work through the rules carefully. --

Hi, I'm hoping some king person could help with setting airvpn up on pfsense 2.3.3. I've got a 3 month subscription after reading about airvpn and reading the set up guide for pfsense, I have some experiance of pfsense due to me using it for over a year with another vpn service. The guide I am using is this one because I only have to network interfaces, nothing fancy ! https://airvpn.org/topic/17444-how-to-set-up-pfsense-23-for-airvpn/ However, I have tried twice from a fresh install and once from a default reset, following the latest guide but I get no connection through airvpn. My set up is pretty simple, a ppoe from a router in bridge mode, I can use either a netgear, a tplink or my isp supplied one, setting up a simple pppoe in pfsense works fine no problems regardless of the modem bridge so thats not ths issue, this then feeds pfsense built on a gigabyte Intel® Celeron® CPU N3050 @ 1.60GHz board. I only have dsl not cable. I generated the nessasary files for my connection in my account and made sure I have the certs in the right places, in fact I followed the guide to the letter, after a reboot the internet stops. The only thing I notice that seems odd is after setting up pfsense, I have only one gateway, the wan one, no vpn gateway ? Either I am going crazy and messing up or something just isnt working as it should on my pfsense system, to post this I had to revert to my other vpn settings :-( So has anyone got this working on the 2.3.3 version of pfsense ? I ask because way back there was changes on how a vpn was set up and I wonder if this version also has something different since the guide was produced Thanks.