VPN Primer for Noobs

What VPN Solution are you using?


  • Total voters
    857
Anyone see an issue with how I've set this up?
Should I be choosing All sites on internet? Home Network only? Auto? TCP istead of UDP?
Definitely use "all sites on the internet and home network" for now. There's no harm if you have a decent connection and data allowance.

Don't forget to build new credentials and reload them after making any changes. Watch for loading old credentials inadvertently.
 
Here's an experience which might help someone: I had a terrible time getting a Win10 workstation connected to my Asus RT-AC68U OpenVPN using the default OpenVPN Win10 Client Software, I switched over to the tunXten OpenVPN client and connected immediately without issue. The tunXten OpenVPN client also provides much better feedback though it's logging functionality and a very nice GUI.
 
Thx, put my Asus router back in to the chain. Settings are the same as yours above, except I have 'user name and password auth only' checked on. Same issue.

I have it checked as Internet and local internet, but can't access any external sites either. Just hangs. Sometimes I can get into 192.168.1.21 (my NVR), access, check a page, then switch to another page and it hangs.

Which seems to imply it's more an issue that isn't the NVR itself I would think?
 
Pretty solid in general. I use Rogers here in Canada, so have posted in their help forum as well to see if others are experiencing issues. Wondering if it has something to do with their networks. Trying to think of anyone I know who is using another service and maybe I'll try connecting through that, but it it's my Rogers connection at the modem that is causing the issue, this won't help.

Pretty frustrating, especially knowing that when port forwarding I'm seeing Russian/Chinese hack attempts into the NVR. Pretty much renders my cameras useless if I can't access via mobile when I need to.

Edit: Came across this on the internet (a user from a few years ago having issues with connecting to openvpn when using certain Rogers ISPs), not sure what the suggestion is asking though "You may have problems with your ISP's firewalling when using VPN @ broken location. You should set up openvpn @ port 443/TCP. If it still won't work you can also give a try to push traffic via HTTP proxy to mask it."
 
Sorry... what I meant is:

If you connect your mobile/cellphone to the VPN, then access your router's IP address, can you navigate around the router's menu pages 100% reliably? If there are issues, nothing connected to the router will be any better... so test this aspect thoroughly.
 
No, not 100% reliability. Starts okay, then hangs after a while. I think it's a Rogers issue as the more I search the more I read about some sort of IPv6 implementation. Lots of users in this thread posting about similar challenges accessing cameras and VPN in general via Rogers mobile network.

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G - Page 12 - Rogers Community

That's even more frustrating if it's the case, as I'm loathe to change mobile providers. Will see if anyone has found a workaround in the thread.
 
  • Like
Reactions: Barboots
Rogers mobile I had to switch my VPN to tcp from udp. I am pretty sure if you mess with mtu when using udp you could probably get it to work but once I found vpn over tcp worked I gave up experimenting.


Sent from my Pixel XL using Tapatalk
 
  • Like
Reactions: pbc
I scrolled back through this thread. I'd definitely switch to tcp in your config and try that. I spent weeks trying to figure out why my VPN would work over every connection except Rogers mobile.

Sent from my Pixel XL using Tapatalk
 
Rogers mobile I had to switch my VPN to tcp from udp. I am pretty sure if you mess with mtu when using udp you could probably get it to work but once I found vpn over tcp worked I gave up experimenting.


Sent from my Pixel XL using Tapatalk

Holy crap...that did the trick my friend! Changed to TCP instead of UDP on my router and boom, access granted. Jesus I'm happy. Presumably no issues with TCP vs UDP security wise?
 
Not that I'm aware of. Less efficient from what I understand but not much to be done about that.

Sent from my Pixel XL using Tapatalk
 
So this is a first post, I could not find (or understand) an answer to this. So I have all incoming ports blocked on my firewall. I can use the Lorex Secure app and can see my cameras (although that seems odd I guess). So what is the risk not using a VPN? I really don't care about someone watching footage, I just don't somone using my network for whatever. The cameras are on a separate VLAN. Can someone explain the risk of blocking incoming all ports, but not using a VPN?
 
I could not find (or understand) an answer to this.
Query the forum and use Google for P2P networking security risks, vulnerabilities and exploits.

P2P is the networking concept where the device on the internal network creates an outbound connection to an external service, which can then redirect that inbound connection to what should only be a single authenticated client.
In practice, nothing is perfect, and not all services are secure enough and trustworthy.
 
Thank you for your message. That really does help.

I can not seem to get the Lorex Secure app to work through my VPN. Actually it does not seem to work unless it has access to the internet even on the local network. I'll have to search the forum if anyone has info on that.

Thank you again.
 
Thank you for your message. That really does help.

I can not seem to get the Lorex Secure app to work through my VPN. Actually it does not seem to work unless it has access to the internet even on the local network. I'll have to search the forum if anyone has info on that.

Thank you again.

It sounds like your Lorax app is still using p2p which will require internet access. If you’re using a vpn, then you should be trying to connect directly to your NVR and not out to a P2P server.
 
Holy crap...that did the trick my friend! Changed to TCP instead of UDP on my router and boom, access granted. Jesus I'm happy. Presumably no issues with TCP vs UDP security wise?
@dvand

Funny, I have been using UDP from day one (over a year now) with no issues. Also a Rogers customer.
 
@dvand

Funny, I have been using UDP from day one (over a year now) with no issues. Also a Rogers customer.


I have no doubt. I found that I could occasionally get it to work which was the most frustrating thing to diagnose. I also tried TCP vs UDP on a paid openvpn server to rule out the problem being limited to my configuration.

I ended up doing some debugging based on posts i found like this: No web traffic on LTE mobile broadband - OpenVPN Support Forum and found my problems were consistent.
 
It sounds like your Lorax app is still using p2p which will require internet access. If you’re using a vpn, then you should be trying to connect directly to your NVR and not out to a P2P server.

Thanks for the message. Yes, I couldn't find any way to connect by ip address. So I uninstalled it and tired the Lorex Cloud app. Definitely not as nice an app, but it let me connect by ip.
 
I have an Asus Router and Asus DDNS.

I set up the VPN on my home network router in July. I was able to use Open VPN both on Android, and on a Windows PC, to connect.

Today, when I'm trying, it's not connecting. I tried on both Android, and a Windows PC.

I tried doing a ns lookup on the DDNS, and then pinging the non-authoritative IP address. The request times out.

I am able to connect to my home Tivo through a Slingbox, so something on my home network appears to be working.

Any ideas?
 
Reboot the router.