VPN Primer for Noobs

What VPN Solution are you using?


  • Total voters
    836

Barboots

Pulling my weight
Joined
Mar 15, 2018
Messages
408
Reaction score
241
Location
Perth, Western Australia
Anyone see an issue with how I've set this up?
Should I be choosing All sites on internet? Home Network only? Auto? TCP istead of UDP?
Definitely use "all sites on the internet and home network" for now. There's no harm if you have a decent connection and data allowance.

Don't forget to build new credentials and reload them after making any changes. Watch for loading old credentials inadvertently.
 

Q™

IPCT Contributor
Joined
Feb 16, 2015
Messages
4,990
Reaction score
3,989
Location
Megatroplis, USA
Here's an experience which might help someone: I had a terrible time getting a Win10 workstation connected to my Asus RT-AC68U OpenVPN using the default OpenVPN Win10 Client Software, I switched over to the tunXten OpenVPN client and connected immediately without issue. The tunXten OpenVPN client also provides much better feedback though it's logging functionality and a very nice GUI.
 

pbc

Getting comfortable
Joined
Jul 11, 2014
Messages
1,024
Reaction score
156
Thx, put my Asus router back in to the chain. Settings are the same as yours above, except I have 'user name and password auth only' checked on. Same issue.

I have it checked as Internet and local internet, but can't access any external sites either. Just hangs. Sometimes I can get into 192.168.1.21 (my NVR), access, check a page, then switch to another page and it hangs.

Which seems to imply it's more an issue that isn't the NVR itself I would think?
 

pbc

Getting comfortable
Joined
Jul 11, 2014
Messages
1,024
Reaction score
156
Pretty solid in general. I use Rogers here in Canada, so have posted in their help forum as well to see if others are experiencing issues. Wondering if it has something to do with their networks. Trying to think of anyone I know who is using another service and maybe I'll try connecting through that, but it it's my Rogers connection at the modem that is causing the issue, this won't help.

Pretty frustrating, especially knowing that when port forwarding I'm seeing Russian/Chinese hack attempts into the NVR. Pretty much renders my cameras useless if I can't access via mobile when I need to.

Edit: Came across this on the internet (a user from a few years ago having issues with connecting to openvpn when using certain Rogers ISPs), not sure what the suggestion is asking though "You may have problems with your ISP's firewalling when using VPN @ broken location. You should set up openvpn @ port 443/TCP. If it still won't work you can also give a try to push traffic via HTTP proxy to mask it."
 

Barboots

Pulling my weight
Joined
Mar 15, 2018
Messages
408
Reaction score
241
Location
Perth, Western Australia
Sorry... what I meant is:

If you connect your mobile/cellphone to the VPN, then access your router's IP address, can you navigate around the router's menu pages 100% reliably? If there are issues, nothing connected to the router will be any better... so test this aspect thoroughly.
 

pbc

Getting comfortable
Joined
Jul 11, 2014
Messages
1,024
Reaction score
156
No, not 100% reliability. Starts okay, then hangs after a while. I think it's a Rogers issue as the more I search the more I read about some sort of IPv6 implementation. Lots of users in this thread posting about similar challenges accessing cameras and VPN in general via Rogers mobile network.

Re: Issues with IKEv2 IPSec VPN on Rogers LTE/3G - Page 12 - Rogers Community

That's even more frustrating if it's the case, as I'm loathe to change mobile providers. Will see if anyone has found a workaround in the thread.
 

dvand

n3wb
Joined
Jul 26, 2018
Messages
28
Reaction score
7
Location
US
Rogers mobile I had to switch my VPN to tcp from udp. I am pretty sure if you mess with mtu when using udp you could probably get it to work but once I found vpn over tcp worked I gave up experimenting.


Sent from my Pixel XL using Tapatalk
 
  • Like
Reactions: pbc

dvand

n3wb
Joined
Jul 26, 2018
Messages
28
Reaction score
7
Location
US
I scrolled back through this thread. I'd definitely switch to tcp in your config and try that. I spent weeks trying to figure out why my VPN would work over every connection except Rogers mobile.

Sent from my Pixel XL using Tapatalk
 

pbc

Getting comfortable
Joined
Jul 11, 2014
Messages
1,024
Reaction score
156
Rogers mobile I had to switch my VPN to tcp from udp. I am pretty sure if you mess with mtu when using udp you could probably get it to work but once I found vpn over tcp worked I gave up experimenting.


Sent from my Pixel XL using Tapatalk
Holy crap...that did the trick my friend! Changed to TCP instead of UDP on my router and boom, access granted. Jesus I'm happy. Presumably no issues with TCP vs UDP security wise?
 

dvand

n3wb
Joined
Jul 26, 2018
Messages
28
Reaction score
7
Location
US
Not that I'm aware of. Less efficient from what I understand but not much to be done about that.

Sent from my Pixel XL using Tapatalk
 

g19man

n3wb
Joined
Nov 24, 2018
Messages
4
Reaction score
0
Location
USA
So this is a first post, I could not find (or understand) an answer to this. So I have all incoming ports blocked on my firewall. I can use the Lorex Secure app and can see my cameras (although that seems odd I guess). So what is the risk not using a VPN? I really don't care about someone watching footage, I just don't somone using my network for whatever. The cameras are on a separate VLAN. Can someone explain the risk of blocking incoming all ports, but not using a VPN?
 

alastairstevenson

Staff member
Joined
Oct 28, 2014
Messages
15,929
Reaction score
6,777
Location
Scotland
I could not find (or understand) an answer to this.
Query the forum and use Google for P2P networking security risks, vulnerabilities and exploits.

P2P is the networking concept where the device on the internal network creates an outbound connection to an external service, which can then redirect that inbound connection to what should only be a single authenticated client.
In practice, nothing is perfect, and not all services are secure enough and trustworthy.
 

g19man

n3wb
Joined
Nov 24, 2018
Messages
4
Reaction score
0
Location
USA
Thank you for your message. That really does help.

I can not seem to get the Lorex Secure app to work through my VPN. Actually it does not seem to work unless it has access to the internet even on the local network. I'll have to search the forum if anyone has info on that.

Thank you again.
 

cuz

Getting the hang of it
Joined
Nov 4, 2018
Messages
124
Reaction score
40
Location
New England
Thank you for your message. That really does help.

I can not seem to get the Lorex Secure app to work through my VPN. Actually it does not seem to work unless it has access to the internet even on the local network. I'll have to search the forum if anyone has info on that.

Thank you again.
It sounds like your Lorax app is still using p2p which will require internet access. If you’re using a vpn, then you should be trying to connect directly to your NVR and not out to a P2P server.
 

58chev

Pulling my weight
Joined
Aug 30, 2017
Messages
300
Reaction score
143
Location
Etobi, Ontario
Holy crap...that did the trick my friend! Changed to TCP instead of UDP on my router and boom, access granted. Jesus I'm happy. Presumably no issues with TCP vs UDP security wise?
@dvand

Funny, I have been using UDP from day one (over a year now) with no issues. Also a Rogers customer.
 

dvand

n3wb
Joined
Jul 26, 2018
Messages
28
Reaction score
7
Location
US
@dvand

Funny, I have been using UDP from day one (over a year now) with no issues. Also a Rogers customer.

I have no doubt. I found that I could occasionally get it to work which was the most frustrating thing to diagnose. I also tried TCP vs UDP on a paid openvpn server to rule out the problem being limited to my configuration.

I ended up doing some debugging based on posts i found like this: No web traffic on LTE mobile broadband - OpenVPN Support Forum and found my problems were consistent.
 

g19man

n3wb
Joined
Nov 24, 2018
Messages
4
Reaction score
0
Location
USA
It sounds like your Lorax app is still using p2p which will require internet access. If you’re using a vpn, then you should be trying to connect directly to your NVR and not out to a P2P server.
Thanks for the message. Yes, I couldn't find any way to connect by ip address. So I uninstalled it and tired the Lorex Cloud app. Definitely not as nice an app, but it let me connect by ip.
 

nuraman00

Getting the hang of it
Joined
Aug 6, 2017
Messages
348
Reaction score
14
I have an Asus Router and Asus DDNS.

I set up the VPN on my home network router in July. I was able to use Open VPN both on Android, and on a Windows PC, to connect.

Today, when I'm trying, it's not connecting. I tried on both Android, and a Windows PC.

I tried doing a ns lookup on the DDNS, and then pinging the non-authoritative IP address. The request times out.

I am able to connect to my home Tivo through a Slingbox, so something on my home network appears to be working.

Any ideas?
 
Top