fastestvpn (OpenVPN) via VyOS config example

_vyos-part.config

## ref. https://support.fastestvpn.com/tutorials/routers/ddwrt/openvpn-old
##
## VyOS 1.3-rolling-202012030217
## 
interfaces {
    ethernet eth0 {
        # Your local (inside NAPT) IP address
        address 192.168.184.1/24
        description MyVPNProxy
    }
    openvpn vtun0 {
        description FastestVPN
        encryption {
            cipher aes256
        }
        mode client
        # account.conf:plaintext,  line1: your@mail_address  line2: your_plaintext_pa$$w0rd
        openvpn-option "--auth-user-pass /config/openvpn/account.conf"
        openvpn-option --persist-key
        openvpn-option --ping-timer-rem
        openvpn-option "--auth SHA256"
        openvpn-option "--reneg-sec 10831"
        openvpn-option "--mssfix 1300"
        persistent-tunnel
        protocol udp
        # Server list:: https://support.fastestvpn.com/vpn-servers
        remote-host us-st1.jumptoserver.com
        remote-port 4443
        replace-default-route {
        }
        tls {
            # download from https://support.fastestvpn.com/download/certificate-data-and-tls-key/
            # and split the file to key and ca.
            auth-file /config/openvpn/fastestvpn-key.key  
            ca-cert-file /config/openvpn/fastestvpn-ca.crt
        }
        use-lzo-compression
    }
}

nat {
    source {
        rule 100 {
            outbound-interface vtun0
            source {
                # Your local (inside NAPT) Network
                address 192.168.184.0/24
            }
            translation {
                address masquerade
            }
        }
    }
}
protocols {
    static {
        route 0.0.0.0/0 {
            # your real default gateway
            next-hop 192.168.184.254 {
                # just to be sure...
                distance 127
            }
        }
    }
}

service {
    # For convenience, it may good idea that dedicated instance for VPN-vyos has http proxy.
    webproxy {
        cache-size 0
        default-port 3128
        disable-access-log
        listen-address 192.168.184.1 {
            disable-transparent
            port 3128
        }
    }
}

showroute.sh-session

vyos@vyos:~$ show openvpn client

OpenVPN status on vtun0

Client CN       Remote Host           Local Host            TX bytes    RX bytes   Connected Since
---------       -----------           ----------            --------    --------   ---------------
N/A             us-st1.jumptoserver.com:4443 N/A                   120.1 MB    175.8 MB   N/A

vyos@vyos:~$ show ip route
Codes: K - kernel route, C - connected, S - static, R - RIP,
       O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
       T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
       F - PBR, f - OpenFabric,
       > - selected route, * - FIB route, q - queued route, r - rejected route

S>* 0.0.0.0/0 [127/0] via 192.168.184.254, eth0, 16w1d18h
K>* 0.0.0.0/1 [0/0] via 10.105.16.1, vtun0, 01:18:01
C>* 10.105.16.0/24 is directly connected, vtun0, 01:18:01
K>* 128.0.0.0/1 [0/0] via 10.105.16.1, vtun0, 01:18:01
K>* 148.72.173.28/32 [0/0] via 192.168.184.254, eth0, 01:18:01
C>* 192.168.184.0/24 is directly connected, eth0, 16w1d18h

vyos@vyos:~$ traceroute 1.1.1.1
traceroute to 1.1.1.1 (1.1.1.1), 30 hops max, 60 byte packets
 1  10.105.16.1 (10.105.16.1)  145.887 ms  145.822 ms  145.773 ms
 2  148.72.168.2 (148.72.168.2)  146.640 ms  146.596 ms  146.618 ms
 3  ae1.stl1-cr-rigel.bb.gdinf.net (207.38.95.9)  145.695 ms  145.692 ms  145.684 ms
 4  stlo-b1-link.ip.twelve99.net (62.115.165.90)  146.155 ms  146.153 ms  146.147 ms
 5  stlo-b1-link.ip.twelve99.net (62.115.116.54)  145.964 ms  146.119 ms  146.107 ms
 6  chi-b23-link.ip.twelve99.net (62.115.113.173)  153.470 ms  153.700 ms  153.713 ms
 7  cloudflare-ic328261-chi-b23.ip.twelve99-cust.net (62.115.63.53)  158.678 ms  153.819 ms  153.819 ms
 8  one.one.one.one (1.1.1.1)  153.757 ms  153.836 ms  153.825 ms
vyos@vyos:~$