auth.riotgames.com

[Deathstar69 1]

Hello,

when trying to create an account on the riot games web site, I'm being blocked with this message :

I'm on Columba (Belgium) server and got several others websites blocked. I need to be on a belgian server for remote work. 
I did not change any technical settings in Eddie. What can I do to resolve this problem ? 

Thanks in advance.

I got an error when visiting auth.riotgames.com/authorize?uri=https%3A%2F%2Fplayvalorant.com%2Ffr-fr%2Fdownload&client_id=prod-xsso-playvalorant&scope=openid+account+email&code_challenge_method=S256&code_challenge=bOjWXEgf9gnJnzNwfd7bF_QqVAjauqTV4_gjICykSYk&redirect_uri=https%3A%2F%2Fxsso.playvalorant.com%2Fredirect&state=4821e7717aeb0746812b717134&response_type=code&prompt=signup&show_region=true.
Error code: 1020
Ray ID: 7b6388867f82b93f
Country: BE
Data center: ams08
IP: 194.187.251.115
Timestamp: 2023-04-11 13:21:33 UTC

[OpenSourcerer 1361]

VPNs are likely to be blocked on competitive games such as League of Legends. There is no way around this.

[Deathstar69 1]

Ok I understand it but I wonder then why it's not blocked on every server (as shown in the capture) ? I made the test of Routes and as you can see some are opened. Why is Belgium blocked (eg. Netherlands is full open). 
Understand me, I'm not trying to blame anyone, just trying to get the logic in it.

[OpenSourcerer 1361]

This likely means that, so far, suspicious activity was registered from these servers. This hints at an automatic system working in the background. Should someone attempt to be malicious from the green servers in any way, they will likewise be cut off.

[just4life 0]

They  blocked every m247  seervers (not just airvpn)

[Stalinium 44]

It is safe to assume Riot Games is not aware of these CDN-based blocks. Try to contact support just to annoy them. I've played League during the pandemic and although the ping was higher with AirVPN, the connection was more stable than my direct ISP connection, without total packet loss and disconnects.

[dIecbasC 38]

I think that’s a dangerous assumption. Riot block bots and toxic players that detract from genuine players having a great experience. A significant proportion of these are identified as to be accessing the service via VPNs hence the blocks. I’d question the value in contacting support “just to annoy them”.  

[Stalinium 44]

The point of contacting support is to direct all this at those responsible for the blocks being in place. I don't understand why you described my assumption as dangerous. I think it's the most likely explanation given the inconsistent blocks that Deathstar has shown

[t0r 0]

Oh god. I just gave up on Mullvad, due to the lack of port forwarding, started my AirVPN subscription and now find out that every single sever is blocked.
How come mullvad servers were usualy not blocked, and if one was there were several others that were not?
I tried routing to Riot servers and its 100% " Fail (HTTP 403)".
Honestly if im not beeing able to run the VPN and play simultaniously i probably cant use AirVPN at all....

[OpenSourcerer 1361]

2 hours ago, t0r said:

Honestly if im not beeing able to run the VPN and play simultaniously i probably cant use AirVPN at all....

Is there a compelling reason for you to be connected to a VPN while playing a competitive game?

[t0r 0]

Well of course there are plenty of reasons.
I dont have a dedicated HTPC + NAS + Office PC + Gaming Station.
What i have is one machine hooked up to 3 Monitors and 1 TV.
So i might want to
game+watch region locked content.
Or game and run p2p.
Or game and have browser tabs open with websites dont want to see my real IP.
Or game and just change IP every now and then to circumvent restrictions.

And honestly, i really dont ever want to turn my VPN off at all (if possible).

I understand its not the fault of AirVPN or m247. But im puzzled why Mullvad managed to not get their servers blocked out from everything. They dont use m247 servers, for sure. But why would cloudflare or Riot treat those different then the m247 ones.
 

[OpenSourcerer 1361]

23 minutes ago, t0r said:

I understand its not the fault of AirVPN or m247. But im puzzled why Mullvad managed to not get their servers blocked out from everything. They dont use m247 servers, for sure. But why would cloudflare or Riot treat those different then the m247 ones.

Your understanding is not completely correct. M247 is a notorious hoster for VPN servers. They have offers tailored to exactly this use case, so there is some "fault" with them. Of course those who want to block anonymizers would target a company offering VPN servers as an official business case. Their address ranges are public knowledge, after all.
As for whether Mullvad uses M247, I am very sure there were M247 servers among the server fleet when I tested the service one, maybe two years ago. In fact, more than half of Germany was M247 back then. My interest in Mullvad went down quite a lot upon learning this as I dealt with restrictions similar to those experienced with M247 servers of AirVPN. It's no fun at all.
 

47 minutes ago, t0r said:

What i have is one machine hooked up to 3 Monitors and 1 TV.
So i might want to
game+watch region locked content.
Or game and run p2p.
Or game and have browser tabs open with websites dont want to see my real IP.
Or game and just change IP every now and then to circumvent restrictions.

Could these use cases be solved with a virtual machine connecting to AirVPN? Or rather multiple VMs in an internal VM network, one of which is a headless server with the sole purpose of connecting to AirVPN, while the other machines use this machine as their entry point to the internet (which would always go via VPN)? It's a bit of work to set up, but in the end you can browse and watch your region-locked content in one VM on one monitor and run P2P in another VM in the background. Reconnect to another server by reconnecting in the "proxy VM" and every VM would change their location, etcetc.

I mean, look, you can bemoan the status quo and say how unfair this all is, but in the end your pleas won't change the minds of those restricting VPN servers, so you gotta find ways around it, you know?

[t0r 0]

5 hours ago, OpenSourcerer said:

Your understanding is not completely correct. M247 is a notorious hoster for VPN servers. They have offers tailored to exactly this use case, so there is some "fault" with them. Of course those who want to block anonymizers would target a company offering VPN servers as an official business case. Their address ranges are public knowledge, after all.
As for whether Mullvad uses M247, I am very sure there were M247 servers among the server fleet when I tested the service one, maybe two years ago. In fact, more than half of Germany was M247 back then. My interest in Mullvad went down quite a lot upon learning this as I dealt with restrictions similar to those experienced with M247 servers of AirVPN. It's no fun at all.
 
Could these use cases be solved with a virtual machine connecting to AirVPN? Or rather multiple VMs in an internal VM network, one of which is a headless server with the sole purpose of connecting to AirVPN, while the other machines use this machine as their entry point to the internet (which would always go via VPN)? It's a bit of work to set up, but in the end you can browse and watch your region-locked content in one VM on one monitor and run P2P in another VM in the background. Reconnect to another server by reconnecting in the "proxy VM" and every VM would change their location, etcetc.

I mean, look, you can bemoan the status quo and say how unfair this all is, but in the end your pleas won't change the minds of those restricting VPN servers, so you gotta find ways around it, you know?

I just double checked on the Mullvad website. I usually went with switzerland ones when i didnt need a specific location (due to ping and distance). While indeed many are rented servers, also from M247, they have several that they own themselfs. Those are the ones that never were problematic.

That might be an idea. I was planing to use some older hadware i have laying around to build a NAS anyway and i recently bought an HBA card for that - so hardware wise i would be settled, right?. I was planning to use TrueNAS on there, so i think VMs could be set up. Could that machine then be set up as a headless server to connect to AirVNP too? Unfortunatly i dont really know alot about that kind of things.
Also: I have a raspberry pi zero connected to my router, that is running Pi hole for my network. Do you think that one would be powerful enough to be used as the "entry point"?
Could you point me to any good resource with instructions how to set such a thing up? I just read over "Using AirVPN with DD-WRT". Is that what you would suggest?

[OpenSourcerer 1361]

13 hours ago, t0r said:

they have several that they own themselfs. Those are the ones that never were problematic.

Similar situation with AirVPN: Servers that are not M247 don't suffer such extensive restrictions from all over the internet.
 

13 hours ago, t0r said:

That might be an idea. I was planing to use some older hadware i have laying around to build a NAS anyway and i recently bought an HBA card for that - so hardware wise i would be settled, right?. I was planning to use TrueNAS on there, so i think VMs could be set up. Could that machine then be set up as a headless server to connect to AirVNP too? Unfortunatly i dont really know alot about that kind of things

In my very personal opinion, NAS devices should really be used as NAS devices: Network Attached Storage – strong I/O with stable networking. All that containerization stuff added to it requiring CPU and RAM power in addition is just blatant overfeaturing. I'd rather dedicate a machine to doing containerization/virtualization and have a simple SoC board like an ODROID HC4 as the dedicated storage provider. That way, you can use that storage for just that: Storing data. Like container images and their data.

But of course, it's an opinion. The truth is: There are NAS appliances and software integrating Docker and many VM hypervisors. Their existence does hint at a certain demand for it, so it is possible to do what you describe with a NAS OS like TrueNAS.
 

13 hours ago, t0r said:

Also: I have a raspberry pi zero connected to my router, that is running Pi hole for my network. Do you think that one would be powerful enough to be used as the "entry point"?

Eehh, it's possible to use it as such, but I don't recommend it. The Pi would be the connector to AirVPN – that is, the Pi will have to bear the cryptographic burden of all machines sending and receiving data through it. Its limited computational power will leave you with quite a bottleneck, and you will find the throughput of that network reduced considerably. Especially in the wake of torrenting you'd want a good CPU backbone for the device playing this role of a proxy.
 

14 hours ago, t0r said:

Could you point me to any good resource with instructions how to set such a thing up? I just read over "Using AirVPN with DD-WRT". Is that what you would suggest?

That is one way to do it, yes.

[YLwpLUbcf77U 32]

On 8/15/2023 at 5:21 AM, OpenSourcerer said:

Your understanding is not completely correct. M247 is a notorious hoster for VPN servers. They have offers tailored to exactly this use case, so there is some "fault" with them. Of course those who want to block anonymizers would target a company offering VPN servers as an official business case. Their address ranges are public knowledge, after all.
As for whether Mullvad uses M247, I am very sure there were M247 servers among the server fleet when I tested the service one, maybe two years ago. In fact, more than half of Germany was M247 back then. My interest in Mullvad went down quite a lot upon learning this as I dealt with restrictions similar to those experienced with M247 servers of AirVPN. It's no fun at all.
 

Sorry to bump this, but this is starting to become a major issue with most 'no log' VPNs:  a decreasing number of ISPs that will take their business with M247 becoming the lion's share.

For AirVPN, "An OpenVPN and WireGuard based VPN operated by activists in defense of net neutrality, privacy and against censorship." (from their HP), the simple option would be to block torrenting activity at least on some servers as copyright infringing activities are surely the reason why VPN providers are on so few ISPs today.  The elephant in the room is just what % of the userbase here or on any of their rivals is using a VPN purely for privacy and not engaging in any copyright infringing activity.  If it's too low, then the sad reality is the only way to keep the business in the black is to keep all ports open and hope for the best.  After having severe issues with simply checking email due to IPs being blocked, I finally switched to a VPN that has dedicated IPs hosted at more mainstream hosting (and residential ones too though not in my ideal location).  It's a boutique service most users probably aren't interested in, but would be something Air should consider adding (after all, it doesn't cost too much to open a new server).  Right now at least I plan to keep using AirVPN as a backup and props for them for having by far the best server status page of any provider, but every time a new server is added and it's from one of the hosts of ill repute (M247 being the most notorious), my heart dies a little.

[OpenSourcerer 1361]

1 hour ago, YLwpLUbcf77U said:

For AirVPN, "An OpenVPN and WireGuard based VPN operated by activists in defense of net neutrality, privacy and against censorship." (from their HP), the simple option would be to block torrenting activity at least on some servers as copyright infringing activities are surely the reason why VPN providers are on so few ISPs today

But then you're not really a defender of net neutrality anymore… so not an option.

[YLwpLUbcf77U 32]

14 minutes ago, OpenSourcerer said:

But then you're not really a defender of net neutrality anymore… so not an option.

Having servers that perform the same but simply don't allow torrenting would not hurt in this regard.
If most users simply use VPNs--be it Air or rivals--to protect their privacy, then torrenting is a non-issue.
It's a neat technology, but one's head needs to be buried in sand not to acknowledge that it's by and large nowadays used mostly for pirating.
If 'no log' VPNs continue to allow it, the number of ISPs willing to take their business will continue to diminish with regular internet capabilities being hamstrung by more and more sites blocking an increasingly concentrated number of rogue/anonymous VPN IP addresses.
 

[Staff 9764]

1 hour ago, YLwpLUbcf77U said:

Having servers that perform the same but simply don't allow torrenting would not hurt in this regard.
If most users simply use VPNs--be it Air or rivals--to protect their privacy, then torrenting is a non-issue.
 

Just a quick digression on this matter: no, it would not make any difference. Alleged usage of p2p protocols or even usage of p2p to share copyrighted content never causes an IP address to be included in a black list according to our 14 years approaching experience. By blocking torrenting we would also block VoIP, distribution of free and open source software, update systems of various software houses based on p2p and more without touching the problem you mention at all. We would betray our mission for no good side effect at all.

Nowadays the main reasons of blocks against VPN IP addresses are a different kind of abuse and, even more importantly, an a priori refusal of connections coming from any privacy enhancing system which hurts personal data harvesting and reselling. We are in the presence of the thorny issue of services that grant access only if the user is willing to give up his or her privacy, be it for personal data harvesting or for definite geo-location for any intellectual monopoly related issue.

That said, we also work daily to remove our IP addresses from the most important black lists around the world and we also make an important exception (since AirVPN birth, so it was decided in cold blood and deemed ex ante as the only acceptable violation of Net Neutrality) to the mission by blocking outbound port 25.
 

1 hour ago, YLwpLUbcf77U said:

f 'no log' VPNs continue to allow it, the number of ISPs willing to take their business will continue to diminish with regular internet capabilities being hamstrung by more and more sites blocking an increasingly concentrated number of rogue/anonymous VPN IP addresses.

Only time will tell whether you're right or not: in the last 13 years the amount of ISPs willing to take VPNs on their datacenters has increased significantly. AUP which forbade consumer VPN activity just 7-8 years ago have been rewritten to allow it (the discrimination remains against Tor in some cases, though). In any case our mission comes first, so it's not a matter to tweak the service and accept disgraceful compromises for us, but it's a matter to either providing the service according to the mission or not providing it at all. The customers and users only will reward or punish our commitments.

Kind regards
 

[YLwpLUbcf77U 32]

Staff's reply is very good to hear.  It's quite large so quoting will be skipped.

While issues remain with certain blocking and due to them, moving my main usage to a competitor with dedicated IPs on lower risk ISP/IPs, I still plan to keep using AirVPN for other household devices as by far they seem to be the most open about what they do compared to other similar services.  Not the largest, but unlike others, does appear to be running a VPN service both for profit (it's a business after all) and because they truly believe in net freedom.