PIA VPNtunnel broken since upgrading to 2.5

Hello folks first time caller :slight_smile:

I have having a really strange issue with creating a vpn tunnel between PIA and myself. I have had these tunnels established in the past however they broke overall routing post upgrade.

When I create the tunnel and it establishes, I lose streaming media services as if they are trying to use the tunnel before I establish the tunnle as a gateway and apply firewall rules.

The tunnel establishes just fine, but appears to break some default routing on normal lan traffic.

Any thoughts? I cannot see in the firewall or routing logs where his goes sideways.

Any help would be greatly appreciated,


I don’t use PIA but I know that OpenVPN in the new pfSense release has been upgraded to 2.5 you might want to try switching to a server also running 2.5 and see if that makes a difference.

You can also see if setting you a new client works.

Wow I am feeling really ignorant as I am not sure how to tell what version of OpenVPN I am on. I am on the latest version of PFSense and the screenshot is from the same.

All these tunnels worked just fine in 2.45.

No I meant the VPN server hosted by PIA.

It’s probably better to stick with 2.5 on the server and the client, just to rule out versioning.

I use AirVPN and can see the versions of OpenVPN they are running on their servers.

oh ok I will look at that. thank you for the quick responce.

Hi There,
I recently had a similar problem after upgrading from 2.4.5 to 21.02. After ripping hair out for a few hours and finally re-adding the vpn client configuration I noticed a new option, previously not available in the 2.4.5 configuration - “Don’t Pull Routes”. After enabling this option, everything appears to have returned to normal operation.
YMMV however

Thank you the tunnel is up and stable without impact to the primary routes. I still need to configure routes and rules however this is much further ahead than previous attempts. Thank you very much for your help. I need to dig into this topic further to understand what was “enhanced” by default.

I have completed full config and everything is back to normal. thank you again Pete!

Actually that’s in 2.4.5, but I suppose on upgrade it has been unchecked. Yeah difficult to spot unless you are comparing side by side.

Apologies, thanks for confirming - i swear one of the options, either don’t pull, or don’t add was not there previously?
I’m positive however that its state definitely changed between 2.4.5 and 21.02(why?!)

That is there too :slight_smile:

I’ve actually taken 200 screenshots of my build on 2.4.5, so that when I eventually make the leap to 2.5 I can see what I had before :grimacing:

A while back it took me the best part of 8 hours to replicate my build on a 2nd pfsense box in a remote location. Ideally upgrading would be easier but I see many people having problems, so I think it will need a clean build.

I’m spending time documenting my build, I think few people will do this simply because of the time required, but I think it’s handy to keep notes on the little tweaks done at the very least.

1 Like