Jump to content
Not connected, Your IP: 44.206.248.122

Search the Community

Showing results for tags 'PFSENSE'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • AirVPN
    • News and Announcement
    • How-To
    • Databases
  • Community
    • General & Suggestions
    • Troubleshooting and Problems
    • Blocked websites warning
    • Eddie - AirVPN Client
    • DNS Lists
    • Reviews
    • Other VPN competitors or features
    • Nonprofit
    • Off-Topic
  • Other Projects
    • IP Leak
    • XMPP

Product Groups

  • AirVPN Access
  • Coupons
  • Misc

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Twitter


Mastodon


AIM


MSN


ICQ


Yahoo


XMPP / Jabber


Skype


Location


Interests

Found 58 results

  1. So I know this maybe over the top and a wee bit silly but what if you chained 2 VPNs together through virtualization (VPN 1 on host machine and VPN 2 on a virtual machine) but instead of running 1 virtual machine you installed a virtual machine inside of a virtual machine and installed VPN 2 inside that virtual machine thats installed inside the virtual machine then create another virtual machine seperate from the others and install pfsense and configure it and route the traffic through VM 2 (virtual machine inside the virtual machine) to VM 1 then back through the host? And of cousre run TOR too............ VPNception?
  2. Well, I had some disappointing results with DD-WRT (lack of stability on my router) so I'm planning to go back to stock firmware and place a firewall appliance between the router and the modem, to control which traffic goes where in a simple, GUI way. I saw some posts on here mentioning pFsense, but me being me I wanted to try out something else first. More Googling showed Sophos UTM is a popular Firewall with a great user interface. Has anyone had any success running AirVPN with Sophos UTM Firewall? I have the software installed but I can't seem to find a way to add an openVPN client connection, SSL or SSH connection. Perhaps I'm missing something? I'm also considering trying out Untangle, IPfire and finally pFsense if I don't find what I want with the others. Yeah, I'm scared off pFsense's interface..
  3. I have set up AirVPN on my pfSense router with the help of the instructions I found here on this forum. Unfortunately I experience some DNS problems with the AirVPN DNS server 10.4.0.1. The AirVPN server is the first DNS (use VPN tunnel) and the other two OpenDNS server. Also the strict order option is set so se they are queried sequentially. I connect to german servers (UDP 443) but the problem not seems to be related to one certain server and may occur immediately after connecting to it or even after a day or two. Restarting the tunnel or the router itself fixes the problem, often needs a few tries. Surprisingly it is only a few websites that are affected and cannot resolve properly. Those are for example (ironically) airvpn.org, windowscentral.com, pandawill.com just to mention a few. If I omit AirVPN's DNS completely and only rely on the OpenDNS servers I not experience this issue at all and no DNS problems for weeks! I attached some information and would appreciate any help on this.
  4. Hi, I'm using pfSense 2.1.4-RELEASE (amd64) + pfblocker + snort. When using AirVPN from a Win7-64bit machine inside my LAN network (official OpenVPN client v. 2.3.4-I001), after a few minutes, I get this messages in the Service --> Snort --> Blocked: (spp_frag3) Fragmentation overlap or(spp_frag3) Fragmentation overlap + (spp_frag3) Teardrop attack.In this situation the OpenVPN client on the Win7 machine stops working (yellow icon). Three days ago pfSense notified me "PF was wedged/busy and has been reset" I had to restart pfSense!!! :-( pfblocker filters: Bluetack IP FilterET blockrules compromisedET fwrules emerging Block IPsSNORT rules: VRT paid Subscriber + ETOpen. Thanks.
  5. Hello, I have a DD-WRT router which had its WiFi functionality quit, so I'm looking to replace it with a PFSense device. I've got about $70 to buy a PFSense device (used is fine), so I've got a few questions. I have speed of ~40mbps up and ~4mbps down on my network connection. What specs would you suggest to run an always-on connection to Air with 3-5 computers behind the PFSense device (the computers wouldn't be running 24/7)? How much RAM, CPU, etc.? I'd like to buy something that can handle the load of OpenVPN without spending too much or significantly slowing down (ie not <50% of current speed) my web access. Here are the devices I'm considering: http://www.ebay.com/itm/Pfsense-2-1-Instagate-EX2-Firewall-VPN-Router-/301114026875?pt=US_Firewall_VPN_Devices&hash=item461bcb6b7b http://www.ebay.com/itm/Router-Firewall-VPN-QOS-appliance-running-pfSense-LAN-and-WAN-ports-/181379828147?pt=US_Wired_Routers&hash=item2a3b1489b3 http://www.ebay.com/itm/pfSense-2-1-2-Router-Firewall-VPN-QOS-appliance-LAN-and-WAN-ports-/181385843068?pt=US_Wired_Routers&hash=item2a3b70517c http://www.ebay.com/itm/pfSense-2-1-2-ROUTER-FIREWALL-1GHz-SSD-Flash-VPN-DMZ-DUAL-GIGABIT-WAN-GUI-3-port-/360909880045?pt=US_Thin_Clients&hash=item5407e7baed Please let me know which you think is best. I look forward to hearing from you soon. Best regards, anonym
  6. Hi all, I've build a pfsense router myself because I found that speeds were dramatically dropping through my Linksys router (EA6500) or through my client. By building my own router I had more control over the hardware and firmware. I have a 200 Mb/s - 10 Mb/s ISP connection. My router build as follows: Shutlle DS61 V1.1 mini ITX barebone / socket 1155 / 2 x Gbit LAN2 x 4 GB SO DDR3 Kingston HyperXIntel XEON E3-1230 V2 3.10 GHz (has no graphic chip)Kingston 60 GB SSDIn order to get graphics (which I'll need for installation, since the mini ITX motherboard doesn't support an extra graphics card) I bought an old Celeron 2.70 GHz with graphic chip. Now pfsense is installed, I will be using the Celeron for a while in case something goes wrong in pfsense settings and I'll be needing graphics again. So after I'm done with installing packages, setting up everything, I will replace it with the XEON. Speedtest with the Celeron while connected to VPN I think that is pretty impressive since I had around 60 Mb/s - 9.5 Mb/s before I had this router. If you forget about the XEON and keep the Celeron (for 24/7 use, I'll take the XEON also because of it's 'AES NI' instruction within the chipset) it will cost you about 500 dollars or about 370 euro's. The XEON included adds an extra 250 dollars or 195 euro's. This is a better investment than buying any other consumer router with a 600 MHz Broadcom processor. This is a kick ass router! For a proper installation of pfsense I can recommend this video: (good packages: squid, havp, snort (get a paid oinkcode for 27 dollars/year, otherwise you'll have a 10 days delay in updates)) SET UP AIRVPN IN PFSENSE Configure an airvpn *.ovpn file (use a region, airvpn will connect to the best server automatically)From the pfSense interface, navigate to the dropdown menus: System ---> Cert Manager and stay in the first tab.Click the button as seen here to create a new certificate. Give it a description like: cert airvpn. Ensure that "Import an existing certificate authority" is selected. Open the *.ovpn file and copy/paste the first certificate (starting with: -----BEGIN CERTIFICATE----- and ending with: -----END CERTIFICATE-----) into the 1st fieldClick save (leave the orher field empty)Click on the tab Certificates and click on the plus button as seen here Give it a description like: certificate airvpn. Ensure that "Import an existing certificate authority" is selected.Open the *.ovpn file and copy/paste the second certificate (starting with: ---- CERTIFICATE:----- and ending with: -----END CERTIFICATE-----) into the 1st fieldSo in the file it looks like this: -----END CERTIFICATE----- (end of the first certificate we've just imported) </ca> <cert> Certificate: The second copy/paste should start at: Certificate: copy/paste the third certificate (starting with: -----BEGIN CERTIFICATE----- and ending with: -----END CERTIFICATE-----) into the 3d fieldClick saveNavigate to the system dropdown menus: VPN ---> OpenVPNClick the Client tab and click on the Plus buttonFollow below settings in the pictures where: 1. serverhost or host adres can be found in the *.ovpn file ending with probably airvpn.org, 2.The serverport can be found in the top of the *ovpn file as well. Navigate to the system dropdown menus Interfaces ----> (assign) and click on the Plus button -Note in the previous screenshot you will notice a StrongVPN interface. you will NOT have that on your box yet, so dont worry. After clicking on the plus button pfSense will tell you it has successfully added a new interface. the network port name will most likley be named "ovpnc1". Ensure that the new interface is selected as "ovpnc1" (it could be ovpnc2, ovpnc3, etc... depends if you have other ovpn interfaces or not)navigate to the system dropdown menus Interfaces ---> OPT1 (or whatever your new interface from the previous step is) and follow steps in below picture Click saveNavigate to the system dropdown menus System ---> Routing and click on the Plus button Follow the settings in the picture below -Note 1: The ip seen in the picture 208.67.222.222 is the ip of OpenDNS -Note 2: By selecting "Default Gateway", the connection to the internet drops if the VPN connection drops. You'll have to set the WAN as default manually in the case if you need an internet connection. navigate to the system dropdown menus Firewall ---> Rules and click on the LAN tabClick on the Plus button to create a new ruleFollow instructions in the picture below Action: PASS -- Interface: LAN Protocol: ANY Source: LAN Subnet Destination: ANY -- Description: LAN to Internet force through VPN **IMPORTANT**: scroll down to "Gateway" under the "Advanced features" of the rule. Set gateway to your VPN interface (see above picture). After Clicking save, you should see something like this navigate to the system dropdown menus Firewall ---> NAT and click on the Outbound tabenable "Manual Outbound NAT rule generation" and select save. Reboot the router and you're done... If you want to/need to start manually, go to Status -----> Services and click on the Play button next to the VPN interface status. Check Status ------> Dashboard for connections as seen in the picture below (in the WAN section you'll see your ISP's IP, which is connection you're coming from to Airvpn (Note from AirVPN: We inevitably know it. Any reference will be deleted when the connection is closed). Don't worry, you're visible with a different IP on the internet. The reason I choose a XEON is the 10% watt reduction and the AES NI instructions in the chip (AirVPN is 256 bit AES encrypted). This will lower my CPU usage and speed up the process. Below you find a picture with system loads while having 10 torrents running and downloading a large file at full speed from usenet (ssl encrypted)... See the CPU usage on the Celeron. That will change I think with a XEON. Good luck and don't forget to install Snort, HAVP and Squit on your pfsense. Good guides out there on Google... knicker
  7. Hi all, In the case of DNS leakage, within pfsense there's good way to prevent that from happening. In this case you don't need to tweak all your Windows machines ;-) In pfsense navigate to Systems ------> General Setup and set everything as in the below picture. Use the DNS servers from AirVPN. Note that with my settings (also described here and here), your internet will drop in case your vpn connection drops. Then you need to set the wan back to default manually. That's it. No more dns leakage! (I had 6 and 2 from my isp)... knicker
  8. help !! i've set up pfsense to work with airvpn. my ip address shows as the desired location and it makes me think everything is set up correctly. but . . . when i do a dns test it shows my true ip address from the internet company. also, when i log on to this web site it indicates "not connected" and shows the same ip address. i have tried various combinations for the dns settings of general setup. for the dns server i have 10.0.5.1 and 10.0.4.1. i've tried various combinations of the "allow dns server list" box and the "do not use the dns forwarder" box. what am i missing? what settings do i need to mask my ip address with no dns leaks??? this noob appreciates any assistance.
×
×
  • Create New...