Proton VPN suddenly stopped working
Posted: Tue Nov 21, 2023 10:58 pm
Hi all,
Not sure if anyone else has ran into similar issues, but about a month or so ago, the Wireguard connections I had out to Proton VPN for clients in a particular subnet (10.10.20.0/24) suddenly stopped working. I can only presume this is due to an update as it was working fine for a couple of months without any major changes to the underlying config. I'm wondering if anyone else had similar issues?
Originally I set this up on v7.11, and I'm now on v7.12.1, but it's been broken since v7.12 if I recall correctly.
In short, I have the general subnet of 10.10.10.0/24 where anything connected to that is routed out the standard ISP without touching the VPN, but for clients connected to to the 10.10.20.0/24 subnet will always go out the Wireguard VPN provided by Proton.
I've attached my config. I have cleaned up a lot of the noise to make this easier to read, but there's nothing complicated going on here at this location (it's my parents house), so I'm fairly sure I haven't deleted anything relevant. I'm seeing this in 2 other locations I have, so I'm thinking it must be the update that caused this issue.
I'm convinced it's an IP route issue or something similar - when I try to ping 8.8.8.8 from the Wireguard interface they just timeout. If I tweak the routing to force everything out the PPPoE interface, the subnet etc works fine, so I'm happy the underlying VLAN/Subnet etc is fine.
Not sure if it's relevant, but the guide I followed at the time suggested sticking any old IP on the Wireguard interfaces themselves, which is where the 10.10.30.0/30 range comes into play. With Proton it seems to recommend 10.2.0.2/32 for the address on the WG interface (and the config provided by them for their server indicates 10.2.0.1. I have tried changing this, but this has made no difference.
Would seriously appreciate any suggestions as I've been trying to figure this out for a few weeks now.
Not sure if anyone else has ran into similar issues, but about a month or so ago, the Wireguard connections I had out to Proton VPN for clients in a particular subnet (10.10.20.0/24) suddenly stopped working. I can only presume this is due to an update as it was working fine for a couple of months without any major changes to the underlying config. I'm wondering if anyone else had similar issues?
Originally I set this up on v7.11, and I'm now on v7.12.1, but it's been broken since v7.12 if I recall correctly.
In short, I have the general subnet of 10.10.10.0/24 where anything connected to that is routed out the standard ISP without touching the VPN, but for clients connected to to the 10.10.20.0/24 subnet will always go out the Wireguard VPN provided by Proton.
I've attached my config. I have cleaned up a lot of the noise to make this easier to read, but there's nothing complicated going on here at this location (it's my parents house), so I'm fairly sure I haven't deleted anything relevant. I'm seeing this in 2 other locations I have, so I'm thinking it must be the update that caused this issue.
I'm convinced it's an IP route issue or something similar - when I try to ping 8.8.8.8 from the Wireguard interface they just timeout. If I tweak the routing to force everything out the PPPoE interface, the subnet etc works fine, so I'm happy the underlying VLAN/Subnet etc is fine.
Not sure if it's relevant, but the guide I followed at the time suggested sticking any old IP on the Wireguard interfaces themselves, which is where the 10.10.30.0/30 range comes into play. With Proton it seems to recommend 10.2.0.2/32 for the address on the WG interface (and the config provided by them for their server indicates 10.2.0.1. I have tried changing this, but this has made no difference.
Would seriously appreciate any suggestions as I've been trying to figure this out for a few weeks now.