Jump to content
Not connected, Your IP: 13.58.207.196
d4rk5oul

2 connections to same server prevention?

Recommended Posts

I'm looking to understand the behavior of what happens if i have a PFSense box setup to permanently be connected to a specific server, let's call it server A, and what happens if i then load the eddie client on a standard windows/linux computer and make a second connection through it.

 

Is there a chance the client will randomly connect to server A as well? Or is there some intelligence at work that will prevent this from happening and see i've already got a connection going to server A and make the client randomly pick any other server besides server A?

 

My concern is that if i have 2 connections going to the same server it will disconnect the first connection or screw up my port forwarding settings to the PFSense box.

 

How is this handled?

Share this post


Link to post

You can have multiple connections to the same server if you use different ports (at the server) or if you use different keys https://airvpn.org/devices/ .

 

However, multiple connections to the same server means port forwarding won't work unless Air comes up with the ability for us to direct which key/device the port forward goes to.

Share this post


Link to post

You can have multiple connections to the same server if you use different ports (at the server) or if you use different keys https://airvpn.org/devices/ .

 

 

Hello!

 

Additional updated information: with the latest implementation of load balancing system, connecting to different ports does not necessarily imply connection to different OpenVPN daemons (it's the load balancing system that decides which CPU core and therefore which OpenVPN daemon you will be "assigned" to) so this method might not work anymore. Therefore, setting different keys for different devices is now the only "guaranteed working" solution.

 

 

However, multiple connections to the same server means port forwarding won't work unless Air comes up with the ability for us to direct which key/device the port forward goes to.

 

Correct, this limitation stays in any case.

 

Kind regards

Share this post


Link to post

Thanks for the replies but i'm a little confused now.

 

Does this mean if i have a permanent connection to a server, via a pfsense box, with say port 1234 forwarded to it and then use the eddie client on a windows machine to make another connection there is a chance the eddie client will pick the same server to connect to as the pfsense box and thus screw up the port forwarding for it or will the eddie client realize I'm already connected to that server and pick any other server but that one?

 

The reason i ask is because i DONT wont the eddie client to connect to the same server. I want my pfsense box to connect to server A and the eddie client to connect to any other server but server A automatically to avoid any problems. Is this how the system is set up or is there a chance I'll end up with 2 connections being made to the same server?

Share this post


Link to post

Thanks for the replies but i'm a little confused now.

 

Does this mean if i have a permanent connection to a server, via a pfsense box, with say port 1234 forwarded to it and then use the eddie client on a windows machine to make another connection there is a chance the eddie client will pick the same server to connect to as the pfsense box and thus screw up the port forwarding for it or will the eddie client realize I'm already connected to that server and pick any other server but that one?

 

The reason i ask is because i DONT wont the eddie client to connect to the same server. I want my pfsense box to connect to server A and the eddie client to connect to any other server but server A automatically to avoid any problems. Is this how the system is set up or is there a chance I'll end up with 2 connections being made to the same server?

 

the easy thing to do is just blacklist (in eddie) the server you don't want to connect to.

Share this post


Link to post

Yeah i know i can black list it but i'm thinking about in 6 months time when i setup a new computer, put the eddie client on it and forget about setting the blacklist up again. At which point my pfsense box goes screwy because the eddie client happened to pick the same server its using.

 

It would be nice to know if there was something in place that prevents 2 connections going to the same server out of the box without me needing to purposely prevent it via a blacklist.

 

I mean to my mind it seems like the sensible thing for the network/client to do out of the box. See a connection has already been made to server A so automatically blacklists it and connects to a different one. I just wanted to know if this is actually the case or not.

Share this post


Link to post

Hello!

 

Probably the most direct solution is selecting specific servers sets on each machine or different FQDNs on each device.

 

An automated solution from us is unlikely. Say that you connect to server A with some cert/key pair. Another machine of yours connects to the same server A with a different pair. If we banned the new machine from connecting (either at server level or (even worse) at client level by intrusions on your settings) we would be adding an intrusive feature which is unwanted by many users. Probably unacceptable especially when you consider how easy is avoiding this problem with your own mind.

 

Kind regards

Share this post


Link to post

Ok, i'm not really sure i understand how/why it would be intrusive but the short answer to my question seems to be no and i need to manual configure each client not to connect to another clients server.

 

Thanks for letting me know.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...