Jump to content
Not connected, Your IP: 3.238.95.208
Angeim

My IP is leaking to Google?

Recommended Posts

Posted ... (edited)

Hi,

I configured my router to work via ee.vpn.airdns.org and use Google DNS servers (8.8.8.8 and 8.8.4.4). All requests do seem to go via 213.152.161.25, ipleak.net doesn't show any leaks
image.thumb.png.234b2e00b23c43e6dcfe035f26cd8a05.png

 curl ifconfig.me returns 213.152.161.25, all DNS requests seem to go via the VPN too:

$ traceroute -U 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
 1  Linksys00639.lan (10.20.0.1)  1.119 ms  1.814 ms  1.872 ms
 2  10.24.244.1 (10.24.244.1)  71.463 ms  71.703 ms  71.763 ms
 3  hosted-by-macrobash.com (134.19.179.249)  78.392 ms  78.364 ms  78.336 ms
 4  37.123.210.78 (37.123.210.78)  75.221 ms  72.374 ms  72.561 ms
 5  core1.ams.net.google.com (80.249.208.247)  72.763 ms  72.508 ms  72.712 ms
 6  108.170.241.193 (108.170.241.193)  73.058 ms 108.170.241.161 (108.170.241.161)  71.979 ms 108.170.241.225 (108.170.241.225)  72.067 ms
 7  142.251.48.175 (142.251.48.175)  71.375 ms 172.253.71.199 (172.253.71.199)  73.352 ms 142.250.211.91 (142.250.211.91)  73.113 ms
 8  * * *
Just like any other traffic:
$ traceroute google.com
traceroute to google.com (142.251.36.14), 30 hops max, 60 byte packets
 1  Linksys00639.lan (10.20.0.1)  0.649 ms  1.530 ms  1.554 ms
 2  10.24.244.1 (10.24.244.1)  138.558 ms  138.657 ms  138.702 ms
 3  hosted-by-macrobash.com (134.19.179.249)  222.638 ms  222.611 ms  222.585 ms
 4  37.123.210.78 (37.123.210.78)  137.943 ms  137.867 ms  137.833 ms
 5  core1.ams.net.google.com (80.249.208.247)  137.803 ms  137.774 ms  137.745 ms
 6  108.170.241.129 (108.170.241.129)  138.485 ms 108.170.241.161 (108.170.241.161)  134.951 ms 108.170.241.129 (108.170.241.129)  135.559 ms
 7  172.253.71.201 (172.253.71.201)  135.577 ms 172.253.71.199 (172.253.71.199)  72.217 ms  72.184 ms
 8  ams15s44-in-f14.1e100.net (142.251.36.14)  72.526 ms  72.487 ms  72.638 ms

The problem is that Google somehow detects my ISP's IP address:
image.thumb.png.1ef11785b8be62f3cc9ae84dff4df6e2.png

whatismyipaddress.com also sometimes reports that address (and sometimes it reports 213.152.161.25). I have a "kill switch" configured, so whenever the VPN tunnel goes down nothing is routed via my ISP.
My own web server hosted on AWS always shows me that I connect from 213.152.161.25 (even when whatismyipaddress.com and Google show me 91.236.xxx.xxx).

How can that happen? Edited ... by Angeim

Share this post


Link to post

Please edit that post and change the headline to something less accusatory. AirVPN is not the problem, it's your setup; no need to point fingers here.
Then, you omitted the OpenVPN logs from your router. There's no troubleshooting without them, only crude assumptions, with which I'll continue.

Assuming the connection is stable, I'd guess there's something wrong with routes. The ip -4 r command should tell us more.
Assuming it is not, I'd say your "kill switch" is malfunctioning, the connection goes down and nothing prevents connections from going out on the physical interface. Do tell us more about that killswitch: Programs you're using, what triggers what, etc.

On a side note, I'd like to strongly advise against using Google DNS as the request data is used to fine-tune user profiles. Unless you like to be tracked every step you take in the web, of course. :)


» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post
Posted ... (edited)

Sorry, I think I found the answer to my own question: I have a rule that routes all UDP traffic to port 443 via my ISP. This is for OpenVPN to be able to connect to the server, I had to disable the routes that OpenVPN pulled from the server because it chose a wrong interface resulting in a non-working VPN. Will think how to deal with it...

Edited ... by Angeim
typo

Share this post


Link to post

After fixing the routing rule Google no longer detects my ISP's IP address. Still, it would be great if ipleak.net could check for this kind of leak (AirVPN uses UDP port 443 by default after all).

Share this post


Link to post
5 hours ago, Angeim said:

(AirVPN uses UDP port 443 by default after all)


No. You connect with that port. The source port is dynamic. It is therefore impossible to check for that unless IPLeak starts doing port scans on all hosts, which some IT people might find questionable at best.

» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post
11 hours ago, Angeim said:

Sorry, I think I found the answer to my own question: I have a rule that routes all UDP traffic to port 443 via my ISP. This is for OpenVPN to be able to connect to the server, I had to disable the routes that OpenVPN pulled from the server because it chose a wrong interface resulting in a non-working VPN. Will think how to deal with it...


Earlier this year dd-wrt builds had a "wrong interface" bug of the sort you describe.  I ran into it on build 46069. The workaround was to add "redirect-private local" to the openvpn client Additional Config. Better yet, update to a newer build. I'm on 46816 now, and that bug is gone. 

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...