You could actually make the firewall rule apply to specific hosts. It configures the VPN in a way that supports per host routing but then applies that capability to the whole lan subnet and the tutorial is not explicit enough about this Room 7609 didn't need to do anything with rules because he allowed routes to be added / removed automatically. You don't need a WAN rule as per androidian for the setup to work, in fact it is not correct and a noop. I see their tutorial is updated from when I looked at it in the past - subnet assumption as mentioned by androidian yes, but generally looks ok. Not sure why there are so many issues, I set up Nord on 2.2 and 2.3 with no issues.
I did this step, but I believe the VPN will push these settings to you if you skip it. Their instructions are OK, but if you skipped steps 5 & 6, pick OpenVPN from the dropdowns. I found that there was no need for these steps. ovpn file, since all the others get configured via the pfSense GUI: tun-mtu 1500 In the custom options, I only copy/pasted a few lines from the. I allowed routes to be pulled and added/removed automatically. ovpn file, as it may specify SHA512 somewhere in there. Most NordVPN servers use SHA1, but some don't. Be careful with the "auth digest algorithm" setting. Theoretically, the name is fine, but in practice I found that occasionally there would be name resolution issues. I used the server's IP address instead of its name. So in case it helps someone else trying to do the same, here are my comments on the process. I got it working in pfSense, and I agree that NordVPN's tutorial is way off, at least for my version (2.3.4). I assume the OP eventually got their VPN set up, but I found this topic while trying to set up my own connection to NordVPN.
My email is available to members here so if you have things you would like to compare with mine, send me a line. Make a connection on a client machine on the LAN side and do a 'What is my IP' search in Google and you should see your NordVPN assigned IP address. Above I mentioned that in the Status/Interfaces opt1/ovpnc1 Interface it showed that the DHCP was Down. Port Range From = OpenVPN (1194) To = OpenVPN (1194)ĭescription = "Allow Traffic to OpenVPN Server"ģ. Invert Match = Unchecked Dropdown = WAN Address Protocol=UDP (assuming your Nord connection is UDP otherwise TCP) Another thing he didn't mention is to add a Rule to Firewall/Rules/WAN at the bottom: It should be changed to YOUR LAN IP range in both entries. Secondly, the IP Source is showing HIS LAN IP range. Firstly ALL of the Interfaces should be OpenVPN. It's ok to use the NordVPN pfSense 2.3 guide but note a few things…ġ In my above mentioned Step 9 issue, it's his screen shot example that is incorrect in two places. I'm routing all LAN traffic thru OpenVPN on a specific NordVPN server using my Netgate SG-1000 firewall appliance with pfSense 2.4.0.