On Jan 1, 2018, at 2:35 PM, Antonio <m...@geotux.it> wrote: > > Hi, > > Its the rules that are under the heading "Additional steps to route WAN > through tunnel" at the bottom of this page: > > https://www.expressvpn.com/support/vpn-setup/pfsense-with-expressvpn-openvpn/ > > Regards > > Antonio >
OK those are not rules on OpenVPN or the assigned interface tabs. You are probably seeing something at the OpenVPN provider responding when you test from shields up. To be certain you should packet capture on the OpenVPN interface and see if the traffic to 80, 81, 443 actually arrives at your location and is responded to. That is highly doubtful. For an OpenVPN provider connection, which is essentially a WAN connection, you should have no rules (which is a default deny all) on the OpenVPN tab or the assigned interface tab. > Il 01/01/2018 21:50, Chris L ha scritto: >> What are the Firewall > Rules on your OpenVPN tab and the OpenVPN assigned >> interface tab for the ExpressVPN connection? >> >> >>> On Jan 1, 2018, at 1:48 PM, Antonio <m...@geotux.it> wrote: >>> >>> Hi, >>> >>> I recently managed to get pfSense to run a OpenVPN connection with my VPN >>> provider (ExpressVPN). All traffic is routed through this VPN tunnel via my >>> pfSense device. >>> >>> I randomly use ShieldsUp to test my ports and see if they are dropping >>> requests. All fine when the VPN tunnel is down. I then ran the ShieldsUp >>> (https://www.grc.com/x/ne.dll?bh0bkyd2) >>> test when the VPN tunnel was up and to my surprise I found that when I run >>> the ShieldUp against the IP i get off "What my IP" (which presumably is the >>> IP of the VPN server which I'm connecting to) there are a few open ports: >>> 80, 81, 443. >>> >>> I' assuming that as these are the open ports of the VPN server that is >>> allowing me to connect, its not reflecting the configuration of OpenVPN on >>> my pfSense device, correct? Apologies, this may be a bit OT but I thought I >>> would check that its not a pfSense related issue before I knock on >>> ExpressVPN's door. Presumably, this is the way OpenVPN works ... >>> >>> >>> Regards >>> >>> -- >>> >>> >>> Respect your privacy and that of others, don't give your data to big >>> corporations. >>> Use alternatives like Signal (https://whispersystems.org/) for your >>> messaging or >>> Diaspora* (https://joindiaspora.com/) for your social networking. >>> >>> _______________________________________________ >>> pfSense mailing list >>> https://lists.pfsense.org/mailman/listinfo/list >>> Support the project with Gold! https://pfsense.org/gold >> > _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
