FreeBSD Gateway to Access ProtonVPN

was playing around with different setups to connect several devices to ProtonVPN being aware of the limit of one or two devices with the Free and Basic ProtonVPN packages. The obvious way is to configure the VPN on your router/gateway. If you have one that allows for OpenVPN to be configured, you can do it there. Mine doesn’t so I had to find another way.

Note, this is not a tutorial, so it does not contain a complete list of steps to be performed. It’s intended to give you ideas how to go about doing this by sharing my experiences. The complete setup is, as they say, left as an exercise to the reader.

I was playing around with different setups to connect several devices to ProtonVPN being aware of the limit of one or two devices with the Free and Basic ProtonVPN packages. The obvious way is to configure the VPN on your router/gateway. If you have one that allows for OpenVPN to be configured, you can do it there. Mine doesn’t so I had to find another way.
I also didn’t want to rout all my traffic through the VPN, just basically be able to browse the web.

So I came up with the idea of installing a FreeBSD gateway with two network interfaces, one connected directly to the Internet over which I route the traffic to a ProtonVPN server or servers.

Of course, the machine is running PF firewall software with the appropriate rules, and name resolution happens with unbound which basically just forwards requests to public DNS servers. I am not going to describe either here, because you can use other software to do these task (e.g. use IPFW and hardcode public nameservers in the /etc/resolv.conf file).

Continue reading “FreeBSD Gateway to Access ProtonVPN”