Jump to content
Not connected, Your IP: 3.88.254.50

Recommended Posts

So my girlfriend has recently started her masters in Germany, and her internet provided to her flat is from the University. She wanted a VPN and AirVPN seemed to be the most flexible choice, so we started there.

Right off the bat, it seemed that the network was blocking all VPN traffic (it was impossible to connect to VPN, or even authenticate credentials while on the university network, but tethered to my phone we could connect to the VPN with no problems). It turned out to be even worse than that: even VPN over SSH is resulting in timeout errors, which seems to imply that the network is specifically blocking connections to AirVPNs hosts, as opposed to just VPN traffic (though I'll be the first to admit I'm relatively new to this and might be misdiagnosing).

It turns out that the University actually had her manually set up her network with a self-assigned IP address, gateway, and manually specified DNS servers. I'm sure that's somehow related, but all I could think to try was adding another DNS (which didn't appear to help, but it also seems that the host names are being correctly resolved anyway). Any ideas would be greatly appreciated, I'm rather baffled here.

Share this post


Link to post

So my girlfriend has recently started her masters in Germany, and her internet provided to her flat is from the University. She wanted a VPN and AirVPN seemed to be the most flexible choice, so we started there.

 

Right off the bat, it seemed that the network was blocking all VPN traffic (it was impossible to connect to VPN, or even authenticate credentials while on the university network, but tethered to my phone we could connect to the VPN with no problems). It turned out to be even worse than that: even VPN over SSH is resulting in timeout errors, which seems to imply that the network is specifically blocking connections to AirVPNs hosts, as opposed to just VPN traffic (though I'll be the first to admit I'm relatively new to this and might be misdiagnosing).

 

It turns out that the University actually had her manually set up her network with a self-assigned IP address, gateway, and manually specified DNS servers. I'm sure that's somehow related, but all I could think to try was adding another DNS (which didn't appear to help, but it also seems that the host names are being correctly resolved anyway). Any ideas would be greatly appreciated, I'm rather baffled here.

 

If VPN over SSH isnt working i would try SSL, and also i would reccomend using the latest version of the client under the experimental downloads. I believe the new client supports higher port ranges for SSL and SSH. If they are indeed blocking connections to the AirVPN host i would attempt to use the alternate IP option in the client for SSH and SSL. At your stage i would only attempt SSH and SSL connections as it appears that any attempt to use standard TCP or UDP connections would be futile. 

Share this post


Link to post

One other thing, AirVPN supports Tor over AirVPN, although slower it would be harder to block with the support of obfs4 technology in the Tor browser. If you can get through using Tor then you should be able to use AirVPN over it. When doing this remember to configure Tor to use custom obfs bridges as the public ones are most likely blocked. 

Share this post


Link to post

If VPN over SSH isnt working i would try SSL, and also i would reccomend using the latest version of the client under the experimental downloads. I believe the new client supports higher port ranges for SSL and SSH. If they are indeed blocking connections to the AirVPN host i would attempt to use the alternate IP option in the client for SSH and SSL. At your stage i would only attempt SSH and SSL connections as it appears that any attempt to use standard TCP or UDP connections would be futile. 

 

SSL doesn't seem to be working either. I just tried the experimental client with the higher ports (for both SSH and SSL) and neither worked. Also, it might be worth noting that I just found that I can't SSH into my server at home on this network either, it seems not impossible that all SSH traffic is being blocked (though that seems insane to me).

 

One other thing, AirVPN supports Tor over AirVPN, although slower it would be harder to block with the support of obfs4 technology in the Tor browser. If you can get through using Tor then you should be able to use AirVPN over it. When doing this remember to configure Tor to use custom obfs bridges as the public ones are most likely blocked. 

 

I don't know much about Tor, do you have any resources for getting started? I'll try this next. Thank you so much for your help!

Share this post


Link to post

Looked into Tor a bit. Got it installed, it seemed to work perfectly fine on its own, and then tried to connect with AirVPN which promptly failed. Clicking the "Test" button in AirVPN settings returned a "Success" dialog, but then connecting to a server timed out. Also, after a bit of rooting around, it doesn't really seem like Tor is the right solution for what she wants to get out of a VPN (which includes standard internet access like streaming content).

Share this post


Link to post

 

If VPN over SSH isnt working i would try SSL, and also i would reccomend using the latest version of the client under the experimental downloads. I believe the new client supports higher port ranges for SSL and SSH. If they are indeed blocking connections to the AirVPN host i would attempt to use the alternate IP option in the client for SSH and SSL. At your stage i would only attempt SSH and SSL connections as it appears that any attempt to use standard TCP or UDP connections would be futile. 

 

SSL doesn't seem to be working either. I just tried the experimental client with the higher ports (for both SSH and SSL) and neither worked. Also, it might be worth noting that I just found that I can't SSH into my server at home on this network either, it seems not impossible that all SSH traffic is being blocked (though that seems insane to me).

 

>One other thing, AirVPN supports Tor over AirVPN, although slower it would be harder to block with the support of obfs4 technology in the Tor browser. If you can get through using Tor then you should be able to use AirVPN over it. When doing this remember to configure Tor to use custom obfs bridges as the public ones are most likely blocked. 

 

I don't know much about Tor, do you have any resources for getting started? I'll try this next. Thank you so much for your help!

 

 

This page should give you some basic info on setting it up for Tor.

 

https://airvpn.org/tor/

 

Websites such as Facebook and Google and Airvpn.org all use SSL, if SSL traffic is blocked these sites should be inaccessible. It is possible certain SSL sites could be whitelisted but i cannot know. 

 

May i ask for some logs from your client to see what error it's throwing? That might give a slight indication to whats going on. 

 

Worst case scenario this German University has a complete list of all entry and exit ip's including alternate IP on a blacklist, in which case private obfs bridges in Tor may still yet work.

 

Also, attempt pinging one of the servers, such as "ping pavonis.airvpn.org", if it times out the domain or the ip could be blocked. if it times out try this in cmd instead "ping 149.255.33.154" and let us know if that times out or not. These results could tell us if they have blocked the servers or merely the connection via OpenVPN.

 

PS: Just saw the reply. I understand that she might want to stream and have good speeds etc. But if the network is as hostile as it sounds you might not be able to have it both ways here. If you can only get through on Tor she will have to choose between using the VPN or having the speeds to stream content. Trust and believe that if AirVPN cannot work on this network no other VPN service will, i personally went through several other crappy providers before i got here. 

Share this post


Link to post

It might be worthwhile tracking down one of the staff system or network admins and buying them a beer to find out what is going on, and another beer for how to get around it. Or maybe there is some published directive from the social controllers. Or maybe the network admin guys just want everyone to use plaintext so they can check emails and photos etc to find which women to try to chat up or blackmail into favors.

Share this post


Link to post

What about port 80 (TCP)? They cannot really block that one without blocking all internet traffic.

Share this post


Link to post

Perhaps someone else using the university network used AirVPN before and got the IP's blocked on the network. But try all of the 80/443 connection methods on different servers. For example, if your university is in the US, try connecting to Canada or UK.


"I don't see myself as a hero because what I'm doing is self-interested: I don't want to live in a world where there's no privacy and therefore no room for intellectual exploration and creativity." - Edward Snowden

"The Internet is by the people, for the people." - Kim Dotcom

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...