Jump to content
Not connected, Your IP: 3.237.2.4
pembrokeVPN

VPN Connection information being detected

Recommended Posts

Came across this site from the pfSense forum

https://ipx.ac/run

When I connect over AirVPN on my OpenVPN server on pfSense nothing is detected under Network Link. However when I connect over my own OpenVPN connection on pfSense it detects "OpenVPN TCP bs128 SHA256 lzo".

My query is what is the setting on OpenVPN server that prevents connection information from leaking, obviously AirVPN know what they are doing 🙂

Share this post


Link to post

Could be --tls-crypt. It's encrypting all control channel packets, not only some of them. One of the packet types contains the peer (or client) info, e.g., whether LZO is used.


» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post

Well I'm using tls-crypt on both on own OpenVPN instance and my AirVPN OpenVPN instance.

The way I have setup the two OpenVPN servers are basically identical, so I think there is something on the AirVPN side that prevents some data leakage but it's not obvious what.

Share this post


Link to post

Hm. Maybe --push-peer-info is enabled on your side?


» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post

Had to look up push peer info, seems like it would present more information about the connection. However, I don't think I have in enabled in the client.

My own OpenVPN client config:
dev tun
persist-tun
persist-key
data-ciphers AES-256-GCM
data-ciphers-fallback AES-256-GCM
auth SHA512
tls-client
client
resolv-retry infinite
remote MY IP ADDRESS 1140 udp4
verify-x509-name "MY OPENVPN" name
auth-user-pass
remote-cert-tls server
comp-lzo no
explicit-exit-notify

My AirVPN client config:
client
dev tun
remote AirVPN Server 443
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
verb 3
explicit-exit-notify 5
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
proto udp
auth SHA512

Now I see my client certs are not so similar, is there anything on my config which stands out or vice versa with the AirVPN config ?

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...