Blocked Google, and now can't access BI remotely.

OBXJeepGuy

Pulling my weight
Joined
Oct 29, 2021
Messages
79
Reaction score
101
Location
Powells Point, NC
Some of you may have seen where I was talking about all of these strange IP addresses showing up on my BI Status logs under "connections". What will happen is I will log in remotely, the Verizon IP address my phone has will show up, and then almost immedaitely, it will change to a google IP address which comes back to bc.googleusercontent.com. After blocking their entire IP range, I now cannot access BI remotely. This really pisses me off because for the first while of using this remotely, I wouldn't have any such nonsense "attached" when I would log in. Now that I have blocked it all, it seems as if Google has said "Oh yeah? Watch this."

This brings me to the fact that now I have to set up a VPN on pfSense, and also make it so my wife can use it. And that is IF a VPN will cure any of this.

Anyone else having trouble with, or found a way around it? I am quite new with pfSense, so be easy on me.
 

The Automation Guy

Known around here
Joined
Feb 7, 2019
Messages
1,377
Reaction score
2,738
Location
USA
A VPN can cure the issue. With a VPN you can stop trying to block Google. The VPN will create an encrypted tunnel between your device and your local network. Nothing can snoop this connection, including Google or Verizon. A VPN that is set up correctly will also require a encryption key to to connect to your local network. So while technically there is still one open port on your firewall/router for the VPN, it cannot be penetrated without the encryption key which makes it much more secure than simply opening/forwarding a port to your BI machine which is how you have been handling it.

With pfSense, use the VPN export plugin to make setting up your mobile devices easy. You can simply nagivate to the pfSense VPN export page (while on your local network) and download the VPN export file. You can import this into a VPN app (like OpenVPN) on your mobile device and it will set everything up automatically. You'll have to enter your username and password (which you set up in pfSense) but you can even save that in the app if you don't want to have to enter it each time. You just do this one time while on your home network to set everything up.

If you have Android devices, you can even go a step further by using the "Tasker" app. I've created a shortcut that is designed to open my BI app. However it also checks my wifi network and if I am not connected to my home network, it will automatically start the VPN connection, pause for a few seconds while that connection is made, and then open the BI app. If I happen to be on my home network, it skips the OpenVPN connection and immediately opens the BI app. This make logging into my BI system from inside or outside of my network extremely easy. It's so easy in fact that my wife can do it without any issues or directions. She simply clicks on that Tasker shortcut (which uses the BI app icon) and it connects. She has no idea the "behind the scenes" things that have to go on to make that connection work.
 
Last edited:

OBXJeepGuy

Pulling my weight
Joined
Oct 29, 2021
Messages
79
Reaction score
101
Location
Powells Point, NC
I forgot to mention. I had PFB_NorthAmerica_v4 active on pfBlockerNG. This was the problem. Apparently my ISP, and Verizon wireless are included in the block lists.
 

bp2008

Staff member
Joined
Mar 10, 2014
Messages
12,666
Reaction score
14,007
Location
USA
There's a feature called "Data Saver" also known as "Lite Mode" which can have a google server act as a data-compressing proxy between you and some sites that you visit. The feature is supposed to be gone soon (google is removing it) but if you have it enabled right now it could be the cause of some problems.
 
Top