I use public networks all the time. It seems like there are some which will never connect to the VPN (usually a timeout, or if it’s on a mobile device it could give some error message too). My feeling is that it does seem to be more common than before, for my VPN to never connect on that network. Whole Foods is one which I can’t ever remember being able to connect to my VPN, and this has even been the case at that store in one other state I can think of (MN and NV).
I would share what mine is, but if I do that automod will likely remove this post. I think it begins with a P or something. So I don’t know if this can be due to the way it connects, the VPN network that’s wanting to form its own connection within the connection, or what.
How do they even go about blocking a VPN? Are they blocking all UDP traffic?
I’ve had luck using one of the lesser known VPN providers. At least for now it works while my two other accounts with top 10 providers don’t.
Commercial firewalls like SonicWall, WatchGuard, Sophos, etc. all have rule sets that can be applied to block VPN providers. They are not perfect though, and tend to target the biggest VPN providers (anything you see in a ‘top 10 VPN’ list).
It’s totally up to whoever runs the network as to what they allow, and is much more common on corporate networks than free wifi, but I am also seeing it more often on free wifi now.
The most effective workaround is to set up your own OpenVPN in AWS.
We need an all around hack against this but the most effective way for us is to have the VPN route to our own server and then off to the real VPN, however that is horrendously insecure. The only thing that is good for is simply not getting spied on by the wifi’s IT guys.
They can know the IP address of the VPN servers just by subscribing to it and using it, going through servers. Also, some websites or services will not allow traffic coming from IP blocks that belong to big server providers like Amazon, Vultr, DigitalOcean, etc.
My guess is that there must be a list that contains all the IPs used by the most common VPN providers, and they simply block all IPs from that list.
Another way is some networks will block certain ports, or most ports, and only allow ports 80, 443 and the like. This prevents VPNs and other applications from working but allows http and https to work because they mostly use these ports. Having a VPN that encrypts and uses port 443 would still work in this case, given that the IP of the VPN is not blocked.
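The two filtering methods described in the comments above (a list of provider address ranges and a port allowlist) can be modeled as a small egress policy, shown here as an added example that is not part of any post in the thread. The address ranges (RFC 5737 documentation blocks), the sample flows, and the names `Flow`, `evaluate` and `summarize` are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample data: RFC 5737 documentation ranges stand in for a
# vendor-supplied list of VPN-provider and hosting-provider address blocks.
BLOCKED_NETS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/24")]
ALLOWED_PORTS = {("tcp", 80), ("tcp", 443)}  # port allowlist (assumption: TCP only)

@dataclass(frozen=True)
class Flow:
    proto: str      # "tcp" or "udp"
    dst_ip: str
    dst_port: int

def evaluate(flow, blocked_nets=BLOCKED_NETS, allowed_ports=ALLOWED_PORTS):
    """Return (verdict, reason) for one outbound flow."""
    dst = ipaddress.ip_address(flow.dst_ip)
    # Check 1: destination address list (catches listed servers on any port).
    for net in blocked_nets:
        if dst in net:
            return ("deny", f"destination in listed range {net}")
    # Check 2: port allowlist (catches default VPN ports on unlisted servers).
    # Passing allowed_ports=None models a network with no port filtering.
    if allowed_ports is not None and (flow.proto, flow.dst_port) not in allowed_ports:
        return ("deny", f"{flow.proto}/{flow.dst_port} not in port allowlist")
    return ("allow", "no rule matched")

def summarize(flows, **policy):
    """Evaluate many flows and return {flow: verdict} for quick comparison."""
    return {f: evaluate(f, **policy)[0] for f in flows}

SAMPLE_FLOWS = [  # constructed flows
    Flow("udp", "203.0.113.10", 1194),  # default OpenVPN port, unlisted server
    Flow("tcp", "203.0.113.10", 443),   # same server, tunnel moved to 443
    Flow("tcp", "192.0.2.55", 443),     # port 443, but server is on the list
    Flow("tcp", "203.0.113.80", 80),    # ordinary web traffic
]

if __name__ == "__main__":
    for f in SAMPLE_FLOWS:
        print(f, "->", *evaluate(f))
```

Calling `evaluate` with `allowed_ports=None` shows which denials come from the address list alone, which is how an operator can tell the two controls apart when reviewing a policy.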
My company uses MaxMind, pretty much the largest GeoIP DB out there.
It flags known VPN IPs. While we don’t block them, it’s very easy to do with that list.
I get around public networks blocking VPNs, and they do, by having my own VPN. So far I’ve not been blocked from using it except for one time in which the network blocked all but ports 80 and 443. If it mattered that much to me I would just adjust my VPN to use 443.
Where did you deploy your own VPN, on a machine you own or by renting a server online? I rent some VPS online and even by deploying a VPN on a server I rent, they still block it because they block all the IPs coming from the major server providers. I assume that the reason they block all the server providers is that normally, a server is not really supposed to surf the internet, and if it does, it’s because the server is a VPN.
This would be on my own machine and accessing the internet from a remote location that has public internet access.