Private Internet Access UFW rules to allow reconnect?

Hi all,

I’m running Ubuntu Mate 15.10 on a Raspberry Pi 2 and am having a bit of trouble setting up a UFW kill switch. I’ve been able to make it so that when PIA is connected, if I turn the firewall on it will reject any traffic not going through tun0. This is great for killing any traffic if the VPN goes down, but it made it so that I can’t reconnect without disabling the firewall.

This is where the rule to allow a reconnect comes in. I’ve been able to get it to reconnect using a specific range for one of PIA’s VPN servers but I would like to be able to connect to any of their servers. Is there any way to find out how the VPN connects? I’m thinking that information would help me to make the rule(s) I need.

Any information would be greatly appreciated. Thanks!

For reference, my firewall rules are as follows.

  • Deny all incoming and outgoing by default
  • Allow traffic both in and out on tun0 <-- VPN interface
  • Allow traffic to/from 10.0.1.0/24 on wireless interface <-- Reconnect to SSID if wifi goes down
  • Allow traffic to/from PIA’s server IP range <-- This is what I want to change to allow reconnect to any server, otherwise I’ll need to enter the IP range of every PIA server.

I think I may have solved the issue. I opened up UDP port 1194 on the firewall and now it will reconnect to any of PIA’s servers.

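The rule set listed in the post, with the UDP 1194 reconnect rule folded in, as an added example that is not part of the original thread. `tun0`, `10.0.1.0/24` and UDP 1194 come from the post; the interface name `wlan0`, limiting the 1194 rule to that interface, and a DNS resolver inside the LAN range are assumptions.

```shell
#!/bin/sh
# Added example: prints the ufw commands for the kill switch described above.
# From the post: tun0, 10.0.1.0/24, UDP 1194. Assumed: wlan0 as the wireless
# interface name, and a DNS resolver inside the LAN range (with outgoing
# traffic denied by default, the VPN hostname must still be resolvable).
killswitch_rules() {
    vpn_if="${1:-tun0}"
    lan_if="${2:-wlan0}"
    lan_net="${3:-10.0.1.0/24}"
    vpn_port="${4:-1194}"

    # Validate every value: the output is meant to be piped into a root shell.
    for ifname in "$vpn_if" "$lan_if"; do
        case "$ifname" in
            ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $ifname" >&2; return 1 ;;
        esac
    done
    case "$lan_net" in
        ''|*[!0-9./]*) echo "bad network: $lan_net" >&2; return 1 ;;
    esac
    case "$vpn_port" in
        ''|*[!0-9]*|??????*) echo "bad port: $vpn_port" >&2; return 1 ;;
    esac
    if [ "$vpn_port" -lt 1 ] || [ "$vpn_port" -gt 65535 ]; then
        echo "bad port: $vpn_port" >&2; return 1
    fi

    # The last "allow" is the reconnect rule: it matches on destination port
    # only, so any VPN server is reachable without listing its IP range.
    # Replies come back through ufw's stock RELATED,ESTABLISHED accept rule.
    cat <<EOF
ufw default deny incoming
ufw default deny outgoing
ufw allow in on $vpn_if from any to any
ufw allow out on $vpn_if from any to any
ufw allow in on $lan_if from $lan_net
ufw allow out on $lan_if to $lan_net
ufw allow out on $lan_if to any port $vpn_port proto udp
ufw --force enable
EOF
}
```

Review the printed commands first, then apply them with `killswitch_rules | sudo sh`.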