Page 1 of 3 123 LastLast
Results 1 to 10 of 28

Thread: VPN acting as if it is behind a firewall

  1. #1

    Default VPN acting as if it is behind a firewall

    I have been using AirVPN with Eddie as the configurator without issue for some time now, until I just did a reinstall from the latest Tumbleweed ISOs.

    Now, anything that required port forwarding before is not working. In particular Ktorrent and Plex.

    Ktorrent, while it can see the trackers (and reports seeds and leeches), will not DL or UL anything. RSS will start a torrent, but nothing DLs. My torrent site reports that I am not connectable. AirVPN support staff are telling me all the symptoms point to me being behind a firewall, but I have it set to off.

    If I turn off the VPN, everything works as expected.

    I am not the most technical Linux user and I'm not certain where to go from here in order to get things working again. Any help would be greatly appreciated.

  2. #2
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    12,047
    Blog Entries
    3

    Default Re: VPN acting as if it is behind a firewall

    Some VPN software forces everything to go via the VPN. And, as a result, normal connections - as with port forwarding - cannot work. I don't know if that applies to your VPN software, but it would explain what you are seeing.
    openSUSE Leap 15.1; KDE Plasma 5;

  3. #3
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    10,668
    Blog Entries
    1

    Default Re: VPN acting as if it is behind a firewall

    Technically,
    You shouldn't have to deal with any kind of port forwarding... Port forwarding by definition is what may need to be configured when network packets arrive on one network interface and needs to be modified to continue through another network interface.

    When you connect using a commercial VPN, your machine is typically connected to a virtual network where the VPN Provider will forward through another machine so that anyone on the Internet will see only the VPN Provider's "other machine" and not yours. Any forwarding (typically IP forwarding, not port forwarding) is done by the VPN Provider, and typically nothing is blocked unless your Provider expressly says it won't support that protocol.

    On your own machine,
    When you connect to your commercial VPN, your machine uses an IP address that won't work on your regular physical network. There is no forwarding of any kind done on your machine because your machine has only one working network interface (The VPN interface instead of your usual interface connecting to your local Internet Provider).

    While there is no port forwarding, it's likely that you have a port blocking problem.
    There are two parts to configuring and troubleshooting a service with port opened...
    - Make sure the application is running and configured for a specific port
    - Open the port in your firewall.

    Sometimes apps promise to automatically configure opening the firewall port, but I don't always trust that to happen, particular if your application might jump from one port to another.

    So,
    I recommend you go into your Ktorrent and maybe Plesk apps and configure fixed instead of randomized ports and then open that port in your firewall.

    HTH,
    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  4. #4

    Default Re: VPN acting as if it is behind a firewall

    @nrickert - Everything was working AOK before the Tumbleweed upgrade. All the same software (except versions) and all of the same configs.

    @tsu2 - My Torrent site and AirVPN both require Port Forwarding as per their Help files and/or Support. Without the VPN, I am unconnectable unless my router is port forwarded with regards to P2P (and Plex).

    I have all P2P ports static and my firewall reports:

    Me@linux-bsnx:~> firewall-cmd --get-zones
    FirewallD is not running

    The firewall on my router is also off. AirVPN says this doesn't matter anyway, only my PC.


    It seems to me that all of my ports should be open, yet they seem to not be.

  5. #5

    Default Re: VPN acting as if it is behind a firewall

    I've gone so far as to actually remove firewalld from my system and Susefirewall2 is not installed either.

    I have no firewall and yet I still seem to be behind one.

  6. #6
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    10,668
    Blog Entries
    1

    Default Re: VPN acting as if it is behind a firewall

    When your VPN is active,
    Post the results of the following commands
    Code:
    ip addr
    ip route
    And,
    With your Ktorrent running
    Code:
    telnet vpn_address    Ktorrent_port_number 
    And,
    Where is the documentation that you need to configure port forwarding?
    As I described, port forwarding may need to be configured elsewhere, but not typically on your own machine.
    I'm sure you misunderstand what is required.

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  7. #7

    Default Re: VPN acting as if it is behind a firewall

    Sorry for the confusion. The port forwarding is on my router and/or the VPN itself. The docs are on my torrent site and the AirVPN, site. It has proven to be necessary, except now, it's not working, or there is some other problem with the VPN that is making me unconnectable.

    I'll post the other stuff when I get a moment.

  8. #8

    Default Re: VPN acting as if it is behind a firewall

    Got a moment quicker than I thought.

    Me@linux-bsnx:~> ip addr
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    valid_lft forever preferred_lft forever
    2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 94:de:80:ae:e6:d5 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.15/24 brd 192.168.0.255 scope global eno1
    valid_lft forever preferred_lft forever
    3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none
    inet 10.9.54.207/24 brd 10.9.54.255 scope global tun0
    valid_lft forever preferred_lft forever

    Me@linux-bsnx:~> ip route
    0.0.0.0/1 via 10.9.54.1 dev tun0
    default via 192.168.0.1 dev eno1 proto dhcp
    10.9.54.0/24 dev tun0 proto kernel scope link src 10.9.54.207
    128.0.0.0/1 via 10.9.54.1 dev tun0
    184.75.221.163 via 10.9.54.1 dev tun0
    184.75.221.165 via 192.168.0.1 dev eno1
    192.168.0.0/24 dev eno1 proto kernel scope link src 192.168.0.15


    Me@linux-bsnx:~> telnet 184.75.221.163 50982
    Trying 184.75.221.163...
    telnet: connect to address 184.75.221.163: Connection timed out

  9. #9
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    10,668
    Blog Entries
    1

    Default Re: VPN acting as if it is behind a firewall

    Quote Originally Posted by jrobb564 View Post
    Got a moment quicker than I thought.

    Me@linux-bsnx:~> ip addr
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    valid_lft forever preferred_lft forever
    2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 94:de:80:ae:e6:d5 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.15/24 brd 192.168.0.255 scope global eno1
    valid_lft forever preferred_lft forever
    3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none
    inet 10.9.54.207/24 brd 10.9.54.255 scope global tun0
    valid_lft forever preferred_lft forever

    Me@linux-bsnx:~> ip route
    0.0.0.0/1 via 10.9.54.1 dev tun0
    default via 192.168.0.1 dev eno1 proto dhcp
    10.9.54.0/24 dev tun0 proto kernel scope link src 10.9.54.207
    128.0.0.0/1 via 10.9.54.1 dev tun0
    184.75.221.163 via 10.9.54.1 dev tun0
    184.75.221.165 via 192.168.0.1 dev eno1
    192.168.0.0/24 dev eno1 proto kernel scope link src 192.168.0.15


    Me@linux-bsnx:~> telnet 184.75.221.163 50982
    Trying 184.75.221.163...
    telnet: connect to address 184.75.221.163: Connection timed out
    With this configuration you posted, your VPN address is 10.9.54.207, that is the address you want to run your telnet against. And, I assume that your Ktorrent inbound port which should be opened is 50982.

    It does look like AirVPN doesn't automatically set up port forwarding for your Ktorrent, you have to configure manually

    https://airvpn.org/faq/p2p/

    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  10. #10

    Default Re: VPN acting as if it is behind a firewall

    Quote Originally Posted by tsu2 View Post
    With this configuration you posted, your VPN address is 10.9.54.207, that is the address you want to run your telnet against. And, I assume that your Ktorrent inbound port which should be opened is 50982.

    It does look like AirVPN doesn't automatically set up port forwarding for your Ktorrent, you have to configure manually

    https://airvpn.org/faq/p2p/

    TSU

    The ports *ARE* forwarded at AirVPN, and always have been.

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •