Jump to content
Not connected, Your IP: 3.237.71.23
Hearts

VPN routing not working for a specific website

Recommended Posts

Posted ... (edited)

Hi!  I've been enjoying Eddie a lot, especially a feature that lets me add OVPN directives.  I currently have it set up to bypass my VPN for some specific websites that do not allow VPN access.  For that I use the following custom directive:
route website.com 255.255.255.255 192.168.0.1
I have several of these directives in this format for certain sites.  However, recently something odd has started happening with one website I frequent in particular.  I will be connected to my VPN and browsing normally, and the bypass appears to work, but then after about 10 minutes of using the site, I trigger the VPN block.  Resetting my connection in Eddie seems to fix the problem.
It's strange that this only started happening today because I had been using this feature for a few months now without ever experiencing this. The only thing that I recently changed was getting rid of a redundant internet connection at home (I now have two PCs connecting to the VPN through the same ISP, but they had been connected to different ISPs previously).  So now I have two devices using Eddie from the same home IP address, both going through my router.  Both of them experience this problem in Eddie, where the VPN routing needs to be "reset" every 10 minutes or so in order for me to browse this specific site.  What's strange is that another website that I have routing set up for for testing (whatsmyip.org) seems to continue to bypass the VPN and shows my actual IP address.  So I'm not sure why this other site begins to detect that I'm using a VPN.

Any help would be appreciated.

[edit] I talked to the site admin about it and they suggested it might be related to CloudFlare changing the site's IP.  I tried NSlookup on the site a few times and it was giving me a different IP address every 15 minutes or so.  Is this unusual?  Also, why did it only now stop working?  Shouldn't my routing command in my OVPN directives still bypass the site based on its name even though the IP address changes?  If not, how was it working so seamlessly prior to today?

Edited ... by Hearts

Share this post


Link to post
6 hours ago, Hearts said:

Hi!  I've been enjoying Eddie a lot, especially a feature that lets me add OVPN directives.  I currently have it set up to bypass my VPN for some specific websites that do not allow VPN access.  For that I use the following custom directive:
route website.com 255.255.255.255 192.168.0.1


Don't know why you're using custom directives here, you can set exactly the same thing in Preferences > Routes and even tag entries with comments. Anyway..
 
6 hours ago, Hearts said:

Shouldn't my routing command in my OVPN directives still bypass the site based on its name even though the IP address changes?


Found the problem: You are using a domain name and you don't fully understand how OpenVPN treats it.
OpenVPN resolves names in route directives only at connect and uses the results to create routing table entries, and only these results. It does not dynamically change the routing table if the name resolves to another IP while you are connected. So, should this change, the connection will once again go through the VPN due to a lack of a route directing the new IP via your ISP line.

Now, the most obvious solution for most would be to create a separate route for all addresses to which the website name seems to resolve. But depending on the "size" of the website you are using you could end up with 3, 30 or more. Essentially, it mutates to a cat-and-mouse game for you.

» I am not an AirVPN team member. All opinions are my own and are not to be considered official. Only the AirVPN Staff account should be viewed as such.

» The forums is a place where you can ask questions to the community. You are not entitled to guaranteed answer times. Answer quality may vary, too. If you need professional support, please create tickets.

» If you're new, take some time to read LZ1's New User Guide to AirVPN. On questions, use the search function first. On errors, search for the error message instead.

» If you choose to create a new thread, keep in mind that we don't know your setup. Give info about it. Never forget the OpenVPN logs or, for Eddie, the support file (Logs > lifebelt icon).

» The community kindly asks you to not set up Tor exit relays when connected to AirVPN. Their IP addresses are subject to restrictions and these are relayed to all users of the affected servers.

 

» Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, chances are you will be unique amond the mass again.

Share this post


Link to post

Ah, so that would indicate that something HAS changed on the site's end.  Kind of a shame but I guess I'll have to find a new work-around.  I started trying to grab all the IPs yesterday and ended up with about 20 before giving up.  It would be nice if there were a solution that did just dynamically change the routing table, like you say, but I'm not aware if such a feature exists.

Share this post


Link to post
12 minutes ago, Hearts said:

It would be nice if there were a solution that did just dynamically change the routing table, like you say, but I'm not aware if such a feature exists.


Not to my knowledge. Would be an irrelevant feature, anyway, because OpenVPN is first and foremost a VPN solution, not a versatile content unblocker.

» I am not an AirVPN team member. All opinions are my own and are not to be considered official. Only the AirVPN Staff account should be viewed as such.

» The forums is a place where you can ask questions to the community. You are not entitled to guaranteed answer times. Answer quality may vary, too. If you need professional support, please create tickets.

» If you're new, take some time to read LZ1's New User Guide to AirVPN. On questions, use the search function first. On errors, search for the error message instead.

» If you choose to create a new thread, keep in mind that we don't know your setup. Give info about it. Never forget the OpenVPN logs or, for Eddie, the support file (Logs > lifebelt icon).

» The community kindly asks you to not set up Tor exit relays when connected to AirVPN. Their IP addresses are subject to restrictions and these are relayed to all users of the affected servers.

 

» Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, chances are you will be unique amond the mass again.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...