How to route traffic on device through Proton VPN with Port Forward
Hi!
I'm trying to route all traffic from a device in my LAN through Proton VPN, but I can't seem to figure out how to obtain the port info on the VPN connection. It looks like Proton VPN can easily give you this info through their official apps, but I would love to do this within Firewalla via the Wireguard configuration files...
Any idea how to obtain the open port that Proton VPN offers via their port forwarding option?
-
Yeah, when you put it like that it does sound weird. Proton VPN had some convoluted instructions on how to obtain the port number via natpmpc https://protonvpn.com/support/port-forwarding-manual-setup#linux
I was trying to see if I could do something similar within Firewalla.
In the end I gave up and just used AirVPN, which allows you to choose a static port within the WireGuard VPN connection.
-
There is a guide on port forwarding with ProtonVPN and OpenWRT here: https://forum.openwrt.org/t/guide-port-forwarding-with-protonvpn-and-openwrt/238374
It would be excellent if this could be implemented with Firewalla in a fashion that doesn't require as much technical skill for the end user.
-
I've been using a similar script for my unRaid server: https://github.com/the-ephus/p2p-port-forward
This would be a killer feature in Firewalla with a very simple solution for end users. Firewalla runs natpmpc when a connection is established, reads the forwarded port and then maps it to whatever the end user chooses.
I would LOVE to see "What would you like to make the forwarded port?" (...in this extremely complicated port-randomization cycling)
-
No, not that. ProtonVPN (and others) have different servers that you can connect with (VPN) that offer port forwarding on their servers. The issue is that the port that's forwarded (on their server) is unknown to us Firewalla users when connecting, and it changes/cycles to a different random port on each connection. This makes using a port forwarding VPN pretty useless in Firewalla's current state. What is being asked, and shown possible from the above links, is that Firewalla monitors which port is open on the VPN's server, and automatically maps their open port to one internally of our choosing. That makes it so we don't have to be concerned with changing ports on our internal services that need port forwarding. Firewalla does it for us.
It would be pretty awesome.
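
The mechanism requested in this thread (read the port natpmpc reports, then map it to a fixed internal port) can be sketched as below. This is an added example, not code from any poster, Firewalla, or the linked scripts. The sample output is constructed, and the interface name `wg0`, LAN host `192.168.1.50`, internal port `6881`, and the premise that forwarded traffic arrives on the VPN interface at the reported public port are all assumptions.

```shell
#!/bin/sh
# Added example: derive a fixed internal mapping from natpmpc output.

# Constructed sample, modeled on the "Mapped public port" line natpmpc prints
# (including its "liftime" spelling); not captured from a real session.
SAMPLE_OUTPUT='initnatpmp() returned 0 (SUCCESS)
sendnewportmappingrequest returned 12 (SUCCESS)
Mapped public port 53186 protocol TCP to local port 0 liftime 60
epoch = 1234
closenatpmp() returned 0 (SUCCESS)'

# Read natpmpc output on stdin and print the public port.
# Fails when no mapping line is present or the value is not a valid port.
parse_mapped_port() {
  port=$(awk '/^Mapped public port [0-9]+ / { print $4; exit }')
  case "$port" in
    ''|*[!0-9]*|0*) return 1 ;;       # empty, non-numeric, or leading zero
  esac
  [ "${#port}" -le 5 ] || return 1    # reject absurdly long numbers
  [ "$port" -le 65535 ] || return 1
  printf '%s\n' "$port"
}

# Print (do not run) an iptables rule that sends the VPN-side port to a
# fixed LAN host and port, so the internal service never has to change.
build_dnat_rule() {
  vpn_if=$1 proto=$2 public_port=$3 lan_host=$4 lan_port=$5
  case "$proto" in
    tcp|udp) ;;
    *) return 1 ;;                    # only TCP and UDP can be mapped
  esac
  printf 'iptables -t nat -A PREROUTING -i %s -p %s --dport %s -j DNAT --to-destination %s:%s\n' \
    "$vpn_if" "$proto" "$public_port" "$lan_host" "$lan_port"
}

# In real use the input would be the natpmpc invocation from the Proton VPN
# guide linked above; here the constructed sample stands in for it.
mapped=$(printf '%s\n' "$SAMPLE_OUTPUT" | parse_mapped_port) &&
  build_dnat_rule wg0 tcp "$mapped" 192.168.1.50 6881
```

Because the thread notes that the port changes on each connection, the rule for the previous port has to be deleted before the new one is added, otherwise stale DNAT entries accumulate.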