What's new

Routing my VPN Server through VPN Client 1 Having issues with Facetime

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Ok so can it be fixed? meaning can I use my own VPN Server 2 on the router/ connect to that / and still use facetime / apple services ? Or is this the expected behavior that it wont work !

NOT if the OpenVPN client is running on the same device as the app that refuses to run w/ a VPN. You have to *hide* the VPN from the apps.
 
NOT if the OpenVPN client is running on the same device as the app that refuses to run w/ a VPN. You have to *hide* the VPN from the apps.

P.S. That's why road warriors would be wise to carry a travel router w/ an OpenVPN client enabled so the VPN remains invisible to your devices. Unfortunately, running the OpenVPN client (or any VPN for that matter) on the device itself opens the door to the possibility of detection by the device's apps. I used to have that issue w/ MLB. If you enabled a VPN, it refused to run. It was their *policy*.I
I'm still not understanding though why my apple laptop is working when I route the device through the VPN directly using vpn director but it doesn't work while using the openvpn app connected to server 2 --- Isn't it being routed through the same thing?
 
I'm still not understanding though why my apple laptop is working when I route the device through the VPN directly using vpn director but it doesn't work while using the openvpn app connected to server 2 --- Isn't it being routed through the same thing?

You are NOT running it directly through the VPN. By directly, I mean the OpenVPN client is running on the apple laptop itself. Instead, the OpenVPN client is running *upstream*, on the router, and is thus *invisible* to the Apple laptop. So in that case, it works.
 
could it be that Server 2 isn't allowing these ports to connect ?
FaceTimeiMessage
  • 80 (TCP)
  • 443 (TCP)
  • 3478 through 3497 (UDP)
  • 5223 (TCP)
  • 16384 through 16387 (UDP)
  • 16393 through 16402 (UDP)
  • 80 (TCP)
  • 443 (TCP)
  • 5223 (TCP)
 
Hmm, you just don't seem to be getting it. Based on everything we've learned so far, the problem seems to be one of policy, by Apple. If the OpenVPN client is running on the same device as the app you're trying to use, and that apps falls within Apple's policy about what is NOT allowed to use a VPN (e.g., Facetime), the Apple OS will either deny it access to the internet entirely, or else bypass that OpenVPN client and access the internet directly from the cellular provider. It's just that simple. It's NOT a technical problem. It's a policy, enforceable by Apple because it sees the OpenVPN client running on its own device. Once you're using wifi and the OpenVPN client is running on the ***router***, Apple has no way to enforce that policy; it can't see the VPN.
 
I do understand but then why if I install the Hide.me vpn app directly on my mac and connect to the same VPN server as Client 1 on the router does it now work ??? Meaning if OSX was blocking the service when using the vpn... Wouldn't it not work ?
 
I do understand but then why if I install the Hide.me vpn app directly on my mac and connect to the same VPN server as Client 1 on the router does it now work ??? Meaning if OSX was blocking the service when using the vpn... Wouldn't it not work ?

I'm just going by the statement you provided from the folks @ OpenVPN. It doesn't go into great detail. I don't know if there are any other qualifications, such as it applies only to certain platforms (e.g., handhelds) and NOT others. As we all know, Apple does things its own way, and rarely bothers providing justification. They just do it, and without regard to whether it's done consistently, or in a way that comports w/ anyone else's sensibilities.
 
So I figured it out with all the info you provided ... Its the client ! As you said it seems that OpenVPN connect blocks apple services when its running on the apple device itself... I found a client that doesnt do that called Passepartout.. If I use that client I can use News / facetime / messages and also the ip is my vpn IP --- The way it works on my iPhone =)
 
So I figured it out with all the info you provided ... Its the client ! As you said it seems that OpenVPN connect blocks apple services when its running on the apple device itself... I found a client that doesnt do that called Passepartout.. If I use that client I can use News / facetime / messages and also the ip is my vpn IP --- The way it works on my iPhone =)
I've been using Passepartout for a long time on my iPhone and MacBook. It's an awesome app.
 
Out of curiosity, I tried Passepartout myself. I was particularly interested in whether it supported bridged (TAP) OpenVPN tunnels w/ my iPhone, since traditionally this has NOT been possible w/ OpenVPN Connect on iOS, presumably a limitation imposed by Apple. But I wasn't sure, so I tried it w/ Passepartout.

NOPE, no dice.

It imports the OpenVPN config file w/o complaints. And it reports no errors. It even shows traffic flow in each direction. But NOTHING is accessible over the tunnel. Same client configuration from a Windows/Linux desktop/laptop to the same server works perfectly. I haven't a clue what *I* could change to resolve the issue.

Ugg, and I had such high hopes.

Would be much appreciated if the Passepartout developer refused to import the config file if it's KNOWN to be unsupported. Would just save everyone a lot of unnecessary aggravation.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top