I have a specific use case for one machine on my network to intermittently use a VPN. This machine has two NICs. One NIC is “protected” by adam:ONE. The other NIC is not. DTTS is not implemented in adam:ONE. It is my intent to have the unprotected NIC use ProtonVPN via a pfSense alias. Prior to installing adam:ONE (DNSthingy) I had Private Internet Access (PIA) installed on pfSense running in this fashion. After multiple attempts, I have not been able to accomplish a working installation of ProtonVPN (let alone set up an alias), despite following ProtonVPN’s support site pfSense installation instructions. Currently I have PIA installed on the machine, as ProtonVPN’s Linux implementations are operated via CLI and, as such, are most inconvenient to use. Does anyone have any experience with such a setup? If so, I would be interested in learning how they accomplished a working installation. Any thoughts would also be greatly appreciated.
@eaftos: having two NICs on a device may not provide the functionality you are looking for. A device will only use one default gateway, and thus one of the NICs for Internet connectivity.
If you use a 2nd NIC for layer 2 then that will be fine.
If your goal is to intermittently connect to a VPN from a device and have all traffic routed through pfSense, you’d have to find a way to route an internal source IP over the VPN and ensure an outbound NAT rule is in place as needed.
I appreciate your response. My apologies for not communicating clearly. In the past I had only one NIC on my workstation enabled at a time. NIC 1 was assigned the WAN interface. NIC 2 was assigned the VPN interface. I would choose WAN or VPN by selecting which NIC was enabled. This was accomplished by routing NIC 2 through the VPN using pfSense’s alias function. My thanks again.
Ok I see. Yeah that functionality should still work as long as you don’t use the DTTS functionality of adam:ONE. If you are using DTTS, you’ll need to create a specific allow rule in the firewall for the NIC that is using the VPN, and under advanced assign the VPN gateway to use.