Jump to content
Not connected, Your IP: 3.237.254.197

tuxornot

Members2
  • Content Count

    30
  • Joined

    ...
  • Last visited

    ...
  1. Thanks for replying giganerd, I have tried all the UK based servers and keep receiving the 403, if I bypass the vpn the page loads. I use pfsense and one vpn server at a time, went through all of the servers, cleared the cache (s) and rebooted pfsense, still the same thing, I have airvpn DNS set in pfsense so I wonder if that could cause the problem ?
  2. https://www.wickes.co.uk/ Can not reach this website using any of Airvpn UK servers, I get 403 Forbidden on each search attempt. I can reach it and browse if I bypass airvpn and can reach it and browse on my mobile phone over the O2 network, the site worked fine a few days ago and seems ok using airvpn router checker so I presume airvpn has been added to a block blacklist somewhere.
  3. Add to that a few UK servers throwing up googles captas, Naos for one.
  4. As a Test I changed airvpn server to Asterion and the Screwfix forum is now showing and working so there appears to be a problem with Arion.
  5. Changes Airvpn server to Arion and when accessing screwfix comunity forums (UK) I get a blank page, works ok over non vpn, had this issue before but never reported it till now. The link to the page is : https://community.screwfix.com/
  6. I have the same issue with 'DNS address 0 Servers 100 Errors', Only found it during a daily leak test, other dns sites produce normal results, Im guessing its the airvpn test thats a bit iffy. --
  7. Just changed server to another address and got the site to load, odd because it showed all green like the previous servers did, thank you !
  8. Thank you LZ1, I checked with the rout checker and the 2 servers I have tried show green / direct but I still get the error accessing the site.
  9. ​ Just found out that: ​ ​https://tuclothing.sainsburys.co.uk/ Is blocked on Airvpn, can be reached using a 'free proxy server' ( While on Airvpn ) Have tried a few vpn servers, same problem, Typical cloudfront error message: ​ ERROR The request could not be satisfied.Request blocked. Generated by cloudfront (CloudFront)Request ID: TO7Bwiwi1Wjl7hfYsZw2fIxCcCff5iGx3da_4H5q8K42uuJLjaALJw==​ ​There is no way I will drop a vpn to access a shopping site, other people in this house don’t agree with my stance ! ​ ​ ​ ​ ​ ​ ​ ​
  10. Thank you for posting this, makes an interesting read. Once private entities become involved with data in this way the only possible outcome will be a huge mess or as we say over here 'strong and stable' ! /s As a user of posteo I often take it for granted, I sometimes forget that its there, in the background working seamlessly, your post reminded me to actually visit the website and have a good read :-) --
  11. I started over with a fresh install of pfsense and swapped opendns to airvpn dns, so far everything seems to be working. I also added pfblockerNG, rather spiffy but well worth the effort.
  12. Just wanted to mention that the Guide's setting for Topology in "Step 3-A: Setting up the OpenVPN Client" might need changing. According to: https://community.openvpn.net/openvpn/wiki/Topology Subnet topology is the current recommended topology; it is not the default as of OpenVPN 2.3 for reasons of backwards-compatibility with 2.0.9-era configs. It is safe and recommended to use subnet topology when no old/outdated clients exist that are running OpenVPN 2.0.9 under Windows. In subnet topology, the tun device is configured with an IP and netmask like a "traditional" broadcast-based network. The traditional network and broadcast IPs should not be used; while tun has no concept of broadcasts, Windows clients will be unable to properly use these addresses. All remaining IPs in the network are available for use. Since every IP can be used, subnet topology allows the better utilization of IP space and easier to understand network layout. Going to Diagnostics / Command Prompt on my pfSense 2.3.3 box and entering: openvpn --version gives me: OpenVPN 2.3.14 So, it looks like a subnet topology would be a better choice than the current net30 topology.'' I'm testing a fresh pfsense install today, after reading your post I changed to the subnet topology, I dont have any need for backward compatibility, though some people will have. If I find any glitches then I will post back, may take some time as I go through all the logs for this and other stuff. One odd thing I did discover after setting the airvpn guide for pfsense, I have mostly linux computers, each has firejail installed and I use a set of custom commands to launch firejailed browsers in private mode, one of those options forces the browser to use a forced dns, in my case the dns servers are opendns, this worked ok, however using the airvpn dns guide I set up opendns. For some odd reason if firejail also uses opendns then the browser fails to pull webpages, change the firejail dns and no problem. I then changed an androids dns to opendns and the same thing, it fails to pull webpages. It seems to be that if a device has the same dns server as the one used in pfsense using the airvpn guide, then it wont pull webpages, I am unsure if this effects just me but I thought I would mention this in case anyone finds a phone or tablet wont connect, some people change the devices dns and may inadvertently hit this problem. From my point of view this is a trivial issue compared to the extra security the dns setting in this guide offer :-)
  13. I'm mostly clueless, but over on the pfsense forums I did a search for Resolver DNSSEC and got some hits. Unfortunately, almost all were unanswered. But, the indication was that there might be issues with DNSSEC if either IPV6 support is on or if DNS Query Forwarding is checked (I kept that option off in my 2.3.3 setup). Have you got IPV6 off everywhere? What happens if you turn off Forwarding? Also, back in "Step 7-A: System / General Setup", the author said to use only AirVPN's DNS Server (10.4.0.1) in the DNS Server slot. I decided not to do that and have four DNS servers listed there (thour 10.4.0.1 is the first one) with no issues. What are you using there? Maybe there's a problem with DNSSEC on whatever DNS Server you're using. Thanks for your reply, IPv6 is disabled throughout pfsense , not tried disabling forwarding yet. My dns servers are opendns. Oddly enough I was searching for DNSSec and the other setting options, I must have read the same unanswered posts you did. -- This might be OBE, but OpenDNS apparently doesn't support DNSSEC: https://support.opendns.com/hc/en-us/community/posts/220028387-OpenDNS-and-DNSSEC Similarly, AirVPN's DNS Server doesn't support DNSSEC: https://airvpn.org/topic/16202-request-dnssec/ So, if all you have are OpenDNS and AirVPN DNS servers set, having the DNSSEC (and the hardening option, too) will probably do bad things. Thats interesting, thanks for digging into it :-) I changed from opendns to airvpn dns just to do some tests. Il try and find some DNSSEC compliant servers to test with.
×
×
  • Create New...