What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Quick question/Public WiFi-VPN

Ro berto

Ro berto

Regular Contributor
I'm connected to a public wifi and have internet, as soon as I connect to my router through the OpenVPN Server I lose internet connectivity but I can connect to my router through SSH.

Is it possible that a public WiFi blocks internet connection on a VPN connection?
 
If you can connect to your router via SSH though the VPN then there's no reason you shouldn't be able to access the internet also.

I suspect you have configured your VPN server incorrectly. Check the settings of "Direct clients to redirect Internet traffic" and "Advertise DNS to clients".
 
ColinTaylor said:
Check the settings of "Direct clients to redirect Internet traffic"
Click to expand...
I don't have that option (I'm on merlin).

I changed to a different public WiFi and am able to use internet with the VPN. o_O

Attached are my settings.
 

Attachments

  • Screenshot_20190503-122513.jpg
    Screenshot_20190503-122513.jpg
    44.2 KB · Views: 251
When you said "I can connect to my router through SSH" did you mean you were connecting through the VPN? Or have you enabled "SSH access from WAN" and were connecting directly to the router?
 
Ro berto said:
I don't have that option (I'm on merlin).
Click to expand...
You have to switch from Advanced Settings to General.

I changed to a different public WiFi and am able to use internet with the VPN. o_O
Click to expand...
Some public hotspots only allow "web" traffic, i.e. ports 80 and 443, or explicitly block VPN (port 1194). That's why some people choose to run their VPN server on port 443 instead of 1194.
 
Last edited:
ColinTaylor said:
When you said "I can connect to my router through SSH" did you mean you were connecting through the VPN?
Click to expand...
yes.

ColinTaylor said:
You have to switch from Advanced Settings to General.
Click to expand...
ah yes, got you, yeah it's enabled (see pic).

yeah, maybe it was that they were blocking port 1194 (funny, because it's the wifi from flixbus (a transportation company), and with one bus it was blocked, and with the next one it's not blocked).

ColinTaylor said:
That's why some people choose to run their VPN server on port 443 instead of 1194.
Click to expand...
is there any drawback with this?

thanks for your input Colin
 

Attachments

  • Screenshot_20190503-141412__01.jpg
    Screenshot_20190503-141412__01.jpg
    35.6 KB · Views: 329
Ro berto said:
yes.
Click to expand...
Then I'm confused as well. The whole point of a VPN is to encrypt the traffic so that it's impossible for anyone else (like the hotspot provider) to examine the data. So there's no way they could distinguish SSH traffic from HTTP. Maybe some sort of temporary routing problem on your router?

ah yes, got you, yeah it's enabled (see pic).

yeah, maybe it was that they were blocking port 1194 (funny, because it's the wifi from flixbus (a transportation company), and with one bus it was blocked, and with the next one it's not blocked).
Click to expand...
Seems unlikely (see previous answer). If they had blocked your VPN access on port 1194 your SSH connection wouldn't have worked either.

is there any drawback with this?
Click to expand...
Running a VPN server (or anything else) on a common port like 443 will mean that you will see endless connection attempts from port scanners.
 
ColinTaylor said:
Maybe some sort of temporary routing problem on your router?
Click to expand...
yeah most likely, since it makes sense what you say about being impossible to see encrypted data.
 
do you think it was related to the following?

I ran the following command on the SSH:
Code: 
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun12 -j MASQUERADE
and had some problems, so I rebooted the router (I guess with the reboot this command was no longer valid).

(I ran this command so I could use the vpn client when away from home and using the openvpn sever, still trying to figure out how to make a script in openvpn-event so it runs automatically in up and down events)
 
Ro berto said:
do you think it was related to the following?

I ran the following command on the SSH:
Code: 
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun12 -j MASQUERADE
Click to expand...
Quite possibly, although without knowing all the other rules and routing tables it's impossible to know for sure. It looks like you're trying to allow VPN server clients access to VPN Client #2.

and had some problems, so I rebooted the router (I guess with the reboot this command was no longer valid).
Click to expand...
Yes, rebooting would have removed that rule.
 
You must log in or register to reply here.

Similar threads

P
Weird VPN config - can it work?
Replies
4
Views
342
Patrick9876
P
S
No internet for router clients (OpenVPN + stunnel)
Replies
6
Views
383
santer_av
S
Viktor Jaep
OpenVPN Client Connection through existing OpenVPN Router Connection causes DISCONNECT
2
Replies
29
Views
1K
Viktor Jaep
Viktor Jaep
B
VPN router with Wifi to internet router
Replies
7
Views
626
b82m
B
B
Issue with selective VPN Routing on ASUS GS-AX3000 (WireGuard & VPN Fusion)
Replies
3
Views
313
BerkayDrsn
B
Similar threads
Thread starter Title Forum Replies Date
L VPN service question VPN 9

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 536 (members: 16, guests: 520)
Back
Top