Hi guys,
I’m using the following config based on NordVPN to connect to ProtonVPN. The connection is established. But whatsmyip shows me my provider’s ip instead of ProtonVPN ip. Can you please help me to figure this out?
/tool fetch url="https://protonvpn.com/download/ProtonVPN_ike_root.der"
/certificate import file-name=ProtonVPN_ike_root.der
/ip ipsec profile add dh-group=modp4096,modp2048,modp1024 dpd-interval=disable-dpd enc-algorithm=aes-256 hash-algorithm=sha256 name=ProtonVPN
/ip ipsec proposal add auth-algorithms=sha256 enc-algorithms=aes-256-cbc name=ProtonVPN pfs-group=none
/ip ipsec policy group add name=ProtonVPN
/ip ipsec policy add dst-address=0.0.0.0/0 group=ProtonVPN proposal=ProtonVPN src-address=0.0.0.0/0 template=yes
/ip ipsec mode-config add connection-mark=ProtonVPN name=ProtonVPN responder=no
/ip ipsec peer add address=nl-free-01.protonvpn.com exchange-mode=ike2 name=ProtonVPN profile=ProtonVPN
/ip ipsec identity add auth-method=eap certificate="" eap-methods=eap-mschapv2 generate-policy=port-strict mode-config=ProtonVPN password=<PASSWORD> peer=ProtonVPN policy-template-group=ProtonVPN username=<LOGIN>
/ip firewall address-list add address=192.168.88.0/24 list=local
/ip firewall mangle add action=change-mss chain=forward ipsec-policy=in,ipsec new-mss=1382 passthrough=yes protocol=tcp tcp-flags=syn
/ip ipsec mode-config set [ find name=ProtonVPN ] src-address-list=local
/ip ipsec policy move *ffffff destination=0
/ip ipsec policy add action=none dst-address=192.168.88.0/24 src-address=0.0.0.0/0 place-before=1
Last step: delete the 'defconf fasttrack' rule from firewall rules.