Jump to content
Not connected, Your IP: 34.239.167.74

tuxornot

Members2
  • Content Count

    25
  • Joined

    ...
  • Last visited

    ...
  1. As a Test I changed airvpn server to Asterion and the Screwfix forum is now showing and working so there appears to be a problem with Arion.
  2. Changes Airvpn server to Arion and when accessing screwfix comunity forums (UK) I get a blank page, works ok over non vpn, had this issue before but never reported it till now. The link to the page is : https://community.screwfix.com/
  3. I have the same issue with 'DNS address 0 Servers 100 Errors', Only found it during a daily leak test, other dns sites produce normal results, Im guessing its the airvpn test thats a bit iffy. --
  4. Just changed server to another address and got the site to load, odd because it showed all green like the previous servers did, thank you !
  5. Thank you LZ1, I checked with the rout checker and the 2 servers I have tried show green / direct but I still get the error accessing the site.
  6. ​ Just found out that: ​ ​https://tuclothing.sainsburys.co.uk/ Is blocked on Airvpn, can be reached using a 'free proxy server' ( While on Airvpn ) Have tried a few vpn servers, same problem, Typical cloudfront error message: ​ ERROR The request could not be satisfied.Request blocked. Generated by cloudfront (CloudFront)Request ID: TO7Bwiwi1Wjl7hfYsZw2fIxCcCff5iGx3da_4H5q8K42uuJLjaALJw==​ ​There is no way I will drop a vpn to access a shopping site, other people in this house don’t agree with my stance ! ​ ​ ​ ​ ​ ​ ​ ​
  7. Thank you for posting this, makes an interesting read. Once private entities become involved with data in this way the only possible outcome will be a huge mess or as we say over here 'strong and stable' ! /s As a user of posteo I often take it for granted, I sometimes forget that its there, in the background working seamlessly, your post reminded me to actually visit the website and have a good read :-) --
  8. I started over with a fresh install of pfsense and swapped opendns to airvpn dns, so far everything seems to be working. I also added pfblockerNG, rather spiffy but well worth the effort.
  9. Just wanted to mention that the Guide's setting for Topology in "Step 3-A: Setting up the OpenVPN Client" might need changing. According to: https://community.openvpn.net/openvpn/wiki/Topology Subnet topology is the current recommended topology; it is not the default as of OpenVPN 2.3 for reasons of backwards-compatibility with 2.0.9-era configs. It is safe and recommended to use subnet topology when no old/outdated clients exist that are running OpenVPN 2.0.9 under Windows. In subnet topology, the tun device is configured with an IP and netmask like a "traditional" broadcast-based network. The traditional network and broadcast IPs should not be used; while tun has no concept of broadcasts, Windows clients will be unable to properly use these addresses. All remaining IPs in the network are available for use. Since every IP can be used, subnet topology allows the better utilization of IP space and easier to understand network layout. Going to Diagnostics / Command Prompt on my pfSense 2.3.3 box and entering: openvpn --version gives me: OpenVPN 2.3.14 So, it looks like a subnet topology would be a better choice than the current net30 topology.'' I'm testing a fresh pfsense install today, after reading your post I changed to the subnet topology, I dont have any need for backward compatibility, though some people will have. If I find any glitches then I will post back, may take some time as I go through all the logs for this and other stuff. One odd thing I did discover after setting the airvpn guide for pfsense, I have mostly linux computers, each has firejail installed and I use a set of custom commands to launch firejailed browsers in private mode, one of those options forces the browser to use a forced dns, in my case the dns servers are opendns, this worked ok, however using the airvpn dns guide I set up opendns. For some odd reason if firejail also uses opendns then the browser fails to pull webpages, change the firejail dns and no problem. I then changed an androids dns to opendns and the same thing, it fails to pull webpages. It seems to be that if a device has the same dns server as the one used in pfsense using the airvpn guide, then it wont pull webpages, I am unsure if this effects just me but I thought I would mention this in case anyone finds a phone or tablet wont connect, some people change the devices dns and may inadvertently hit this problem. From my point of view this is a trivial issue compared to the extra security the dns setting in this guide offer :-)
  10. I'm mostly clueless, but over on the pfsense forums I did a search for Resolver DNSSEC and got some hits. Unfortunately, almost all were unanswered. But, the indication was that there might be issues with DNSSEC if either IPV6 support is on or if DNS Query Forwarding is checked (I kept that option off in my 2.3.3 setup). Have you got IPV6 off everywhere? What happens if you turn off Forwarding? Also, back in "Step 7-A: System / General Setup", the author said to use only AirVPN's DNS Server (10.4.0.1) in the DNS Server slot. I decided not to do that and have four DNS servers listed there (thour 10.4.0.1 is the first one) with no issues. What are you using there? Maybe there's a problem with DNSSEC on whatever DNS Server you're using. Thanks for your reply, IPv6 is disabled throughout pfsense , not tried disabling forwarding yet. My dns servers are opendns. Oddly enough I was searching for DNSSec and the other setting options, I must have read the same unanswered posts you did. -- This might be OBE, but OpenDNS apparently doesn't support DNSSEC: https://support.opendns.com/hc/en-us/community/posts/220028387-OpenDNS-and-DNSSEC Similarly, AirVPN's DNS Server doesn't support DNSSEC: https://airvpn.org/topic/16202-request-dnssec/ So, if all you have are OpenDNS and AirVPN DNS servers set, having the DNSSEC (and the hardening option, too) will probably do bad things. Thats interesting, thanks for digging into it :-) I changed from opendns to airvpn dns just to do some tests. Il try and find some DNSSEC compliant servers to test with.
  11. In the 18 months I have used a vpn with pfsense I have never had to log off the vpn, its kept running until it fails of its own accord. I'm new to airvpn but I expect to have the connection always on in the same way. One thing I have learnt is if you import a config file then restarting the vpn is sometimes needed, after the restore pfsense reboots but sometimes the vpn goes off on a tangent and needs a restart.
  12. I assumed that the user information is stored within the generated key once obtained when you have logged into the site and downloaded the file with the data in.I'm sure that someone better informed could confirm that. I think they is unique to each user, the key replaces the need for pain text user details, that’s my understanding of it,
  13. This happens to same other 'updates' for various things, the developers often say its improvements but I believe they do it to keep our lives interesting :-)
  14. I'm mostly clueless, but over on the pfsense forums I did a search for Resolver DNSSEC and got some hits. Unfortunately, almost all were unanswered. But, the indication was that there might be issues with DNSSEC if either IPV6 support is on or if DNS Query Forwarding is checked (I kept that option off in my 2.3.3 setup). Have you got IPV6 off everywhere? What happens if you turn off Forwarding? Also, back in "Step 7-A: System / General Setup", the author said to use only AirVPN's DNS Server (10.4.0.1) in the DNS Server slot. I decided not to do that and have four DNS servers listed there (thour 10.4.0.1 is the first one) with no issues. What are you using there? Maybe there's a problem with DNSSEC on whatever DNS Server you're using. Thanks for your reply, IPv6 is disabled throughout pfsense , not tried disabling forwarding yet. My dns servers are opendns. Oddly enough I was searching for DNSSec and the other setting options, I must have read the same unanswered posts you did. --
  15. I think that name came from the set up the guide was based on, mines just called WAN.
×
×
  • Create New...