Jump to content
Not connected, Your IP: 3.129.45.252
AirVPN
Sign in to follow this  
Followers 0
Psamathe

Incoming Connections Blocked

By Psamathe, ... in General & Suggestions

Recommended Posts

Psamathe    2

Psamathe
Posted ...

I've just upgraded my Little Snitch firewall (major update) and I'm getting periodic incoming Connections on openvpn blocked.

 

On 12 Jul 2017, 94.229.74.90 tried to establish an incoming connection to openvpn on UDP port 59573. The request was denied automatically because this kind of incoming connection cannot be delayed.

 

(94.229.74.90 is AirVPN's server I'm connected to Carinae?).

I've left them as blocked as I'm not sure if they are to be expected or if they are somebody outside AirVPN trying to get back to my computer (my lack of knowledge). It appears that the VPN works OK with these incoming connections being blocked or should I allow them (e.g. if they are part of some useful openvpn negotiation or something one would actually want).

 

(I'm running OpenVPN through Viscosity

 

Thanks

Share this post

Link to post

Staff    9893

Staff
Posted ...

Hello!

 

We could see some time ago that that was a message by LittleSnitch that's somehow misleading. UDP is connectionless so your node can receive UDP packets after it has started talking with an UDP based service, of course (for example: our VPN service). This does not necessarily imply that such UDP packets are an "incoming connection", or an unsolicited "incoming connection". 

 

94.229.74.90 is the entry-IP address of our server Carinae, while port 59573 was likely the ephemeral OpenVPN port (in your local host) . When you enter the VPN in UDP, all of your traffic flow (on your physical network interface) is already/still wrapped in UDP.

 

Kind regards

Share this post

Link to post

Psamathe    2

Psamathe
Posted ...

Hello!

 

We could see some time ago that that was a message by LittleSnitch that's somehow misleading. UDP is connectionless so your node can receive UDP packets after it has started talking with an UDP based service, of course (for example: our VPN service). This does not necessarily imply that such UDP packets are an "incoming connection", or an unsolicited "incoming connection". 

 

94.229.74.90 is the entry-IP address of our server Carinae, while port 59573 was likely the ephemeral OpenVPN port (in your local host) . When you enter the VPN in UDP, all of your traffic flow (on your physical network interface) is already/still wrapped in UDP.

 

Kind regards

So best to allow them or refuse them using the Little Snitch rule (from a security perspective)?

Share this post

Link to post

Staff    9893

Staff
Posted ...

Hello!

 

You need to have them accepted. The fact that the problem is sporadic makes it not relevant: you will not notice any slow down. However, if the amount of dropped packets rises, you will see a dramatic slow down up to a complete halt of the traffic flow to/from the VPN server. At the moment we don't know why LittleSnitch drops a packet only now and then.

 

Kind regards

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...