0 votes

Total noob here, wanting to transfer from pfsense to clearos but I have one thing that needs to work before i can do that.
That is routing all traffic (later different vlans) to nordvpn via openvpn. I can connect to nordvpn server via openvpn but same time i lose my internet connection.
I have tried with redirect-gateway def1 and without it.

Here is my client.conf

dev tun
proto udp
remote 1194
resolv-retry infinite
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ping 10
ping-restart 0
reneg-sec 0
comp-lzo no
remote-cert-tls server
auth-user-pass /etc/openvpn/nordvpnauth.txt
redirect-gateway def1
verb 3
cipher AES-256-CBC
auth SHA512

route table

[root@gateway ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface UG 0 0 0 tun0
default gateway UG 0 0 0 enp3s0 U 0 0 0 enp3s0 U 0 0 0 tun0 UG 0 0 0 tun0 U 0 0 0 enp1s0 U 0 0 0 enp1s0.30 gateway UGH 0 0 0 enp3s0
[root@gateway ~]#

I can ping nordvpn server


Pinging with 32 bytes of data:
Reply from bytes=32 time=37ms TTL=55
Reply from bytes=32 time=36ms TTL=55
Reply from bytes=32 time=41ms TTL=55
Reply from bytes=32 time=38ms TTL=55

Ping statistics for
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 36ms, Maximum = 41ms, Average = 38ms

can't ping google


Pinging [] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

any ideas?
In OpenVPN
Thursday, January 20 2022, 04:32 PM
Share this post:
Responses (1)
  • Accepted Answer

    Thursday, January 20 2022, 05:39 PM - #Permalink
    0 votes
    Please stop spamming! As a new poster your first couple of posts are moderated so don't appear immediately.

    Have a look at the ibVPN app and its configuration in /etc/clearos/ibvpn.d/. You can replace its OpenVPN configs with your NordVPN ones. The Webconfig will allow you to add single machines to the VPN, but you can't update the ibVPN server list as they no longer exist. the only way to change the endpoints is to manually edit the configs.

    It will allow you to route individual machines through the VPN but not the server itself so may not give you exactly what you want.
    The reply is currently minimized Show
Your Reply