Jump to content
Not connected, Your IP: 3.149.24.159
AirVPN
Sign in to follow this  
Followers 0
Snowplow

iOS leaking ipv6

By Snowplow, ... in Troubleshooting and Problems

Recommended Posts

Snowplow    2

Snowplow
Posted ...

I periodically check my gmail account for login activity.  Typically I don't see anything awkward.  Occasionally I see my real IP showing up in there from my iPhone, which I have attributed to periodic drops of the VPN.  I go through some patchy service areas and OpenVPN doesn't always reconnect successfully.

 

However today I noticed that while actively connected to an AirVPN server, Gmail was logging both my VPN ipv4 address and what appears to be my real ipv6 address from the mobile network.  I used ipleak.net and it only showed my VPN ipv4 address.  I did this repeatedly in a matter of minutes, checking on ipleak and refreshing my mail via the iOS Mail app and it consistently showed only my VPN ipv4 address at ipleak.net, and both my VPN ipv4 and real ipv6 addresses in Gmail.

 

My instinct said to reboot the phone, which appears to have resolved the issue at least for now.  Naturally I'm concerned because the phone claims it is VPN-connected, ipleak.net only shows my VPN information, but somehow I'm getting an ipv6 leak.  If I were not checking in Gmail at the time, I would have no indication of a leak.  Similarly, I don't know whether there was a corresponding DNS leak.

 

Does anybody have any suggestions of what to check or how to better secure iOS?  I have iOS 10.3.3 with the latest OpenVPN client, and I connect via UDP.

Share this post

Link to post

jean claud    45

jean claud
Posted ...

I periodically check my gmail account for login activity.  Typically I don't see anything awkward.  Occasionally I see my real IP showing up in there from my iPhone, which I have attributed to periodic drops of the VPN.  I go through some patchy service areas and OpenVPN doesn't always reconnect successfully.

 

However today I noticed that while actively connected to an AirVPN server, Gmail was logging both my VPN ipv4 address and what appears to be my real ipv6 address from the mobile network.  I used ipleak.net and it only showed my VPN ipv4 address.  I did this repeatedly in a matter of minutes, checking on ipleak and refreshing my mail via the iOS Mail app and it consistently showed only my VPN ipv4 address at ipleak.net, and both my VPN ipv4 and real ipv6 addresses in Gmail.

 

My instinct said to reboot the phone, which appears to have resolved the issue at least for now.  Naturally I'm concerned because the phone claims it is VPN-connected, ipleak.net only shows my VPN information, but somehow I'm getting an ipv6 leak.  If I were not checking in Gmail at the time, I would have no indication of a leak.  Similarly, I don't know whether there was a corresponding DNS leak.

 

Does anybody have any suggestions of what to check or how to better secure iOS?  I have iOS 10.3.3 with the latest OpenVPN client, and I connect via UDP.

I'm using ios 11 (which is more leaky than ios10) and I don't get leak with AirVpn . maybe your email  is leaking ... take a look to  http://emailipleak.com/  (and if possible let down Gmail for ProtonMail )

Share this post

Link to post

Snowplow    2

Snowplow
Posted ...

Thank you for the reply and link.  I ran that and Gmail does "leak" my ipv4 VPN IP.  My concern is a bit different that the mail app is connecting to Gmail's servers using both my ipv4 VPN IP and my ipv6 'real' IP address.

 

Edit: It also seems intermittent.  After my reboot, I notice it did this again, however I just used the app again and it only showed my ipv4 VPN information.  When it does leak my ipv6, it appears to be simultaneous with my ipv4 connection, based on matching time stamps.

 

My OpenVPN settings are configured as follows:

Seamless tunnel (iOS8+) -> ON

Connect via -> Any network

Reconnect on wakeup -> ON

Protocol -> Adaptive

Compression -> Full

Connection timeout -> 2 minutes

Network state detection -> Active

IPv6 -> disabled

 

Force AES-CBC ciphersuites -> OFF

Minimum TLS version -> Profile Default

Google DNS fallback -> ON

Layer 2 reachability -> ON

SSL log level -> 0 (default)

Share this post

Link to post

jean claud    45

jean claud
Posted ...

 

My OpenVPN settings are configured as follows:

Seamless tunnel (iOS8+) -> ON

Connect via -> Any network

Reconnect on wakeup -> ON

Protocol -> Adaptive

Compression -> Full

Connection timeout -> 2 minutes

Network state detection -> Active

IPv6 -> disabled

 

Force AES-CBC ciphersuites -> OFF

Minimum TLS version -> Profile Default

Google DNS fallback -> ON

Layer 2 reachability -> ON

SSL log level -> 0 (default)

 

# for me :

Force AES-CBC ciphersuites = ON

Google DNS failback = OFF

Share this post

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  
Followers 0
Go To Topic Listing
×
×
  • Create New...