How to bypass torrent blocked ports using openvpn. [SOLVED]



  • how to bypass  p2p torrent blocked ports using openvpn.

    I have openvpn installed on at home i setup openvpn and its working wonderfully i can connect to it at my school how would i be able to bypass the block placed on p2p ports using openvpn.

    I am able to connect to my pfsense box remotely going through port 443 and 80 but when i launch utorrent and try to download a movie it it doesn't work. So i guess i am missing a configuration to allow this to work.

    Need this to work need to show my Networking Lecturer that I have achieved this.



  • If I understand correctly you're asking about a problem on the OpenVPN client computer being able to run utorrent (presumably your pfsense box is the OpenVPN server). You may need to tell utorrent to specifically use the interface for the VPN (e.g. utun0)



  • So the WiFi is co figured to block uTorrent traffic my pfsense box is configured at home with openvpn and I am able to connect to it using port 443. But when I try nd download a movie using uTorrent it doesn't work at all because they are blocking all the ports for that. What I want to do is to use openvpn co figured on my pfsense box at home to bypass the block placed on those ports and download.



  • I don't know if UPnP works over VPN so I suggest going into the network settings on uTorrent, turning off UPnP/NAT-PMP and then creating a port forwarding rule in pfSense to forward utorrent's incoming TCP Port from the WAN to the same port on the IP for your OpenVPN client.

    So if the uTorrent port is 26085 and pfSense is giving your OpenVPN client the IP 10.0.1.2 then go to firewall/NAT/port forward in pfSense and create a new entry for your WAN interface for destination port other/26085, destination address WAN address to redirect target IP 10.0.1.2, redirect target port other/26085.

    I don't see a setting in uTorrent telling it to listen on a specific interface so I assume it listens on all.

    Keep in mind that you will be exposing the WAN address of your pfsense box to peers. Depending on how you're using utorrent, a better solution may be a commercial VPN provider such as Private Internet Access or NordVPN.



  • Thanks very much but do you have any screen shot or a more easier and in depth way of explaining the setup in nat/ port forwarding please. Also the part where you said I would be exposing my wan to peers connected to pfsense, I am doing port forwarding in my router to forward port 443 to the pfsense wan ip.



  • Wait—I think I misunderstood your setup. I assumed pfSense was your router but are you saying you're just using pfSense as an OpenVPN server and you have a separate router?



  • So pfsense is behind my isp arris modem. Which is has not enabled so in the arris modem I configured port forwarding to forward 443 port to the wan address.



  • So if you wanted to make this work I suppose you would need to setup forwarding both in your router and in pfSense. It seems a much better solution would be to pay $40/yr for a VPN service that "just works" e.g. https://www.privateinternetaccess.com/ which also gives you the advantage of hiding your IP address.



  • @tripplex:

    Need this to work need to show my Networking Lecturer that I have achieved this.

    You need to read your textbook, you sound totally clueless. That's fine if you're just a casual user, but you sound basically like a student trying to cheat their way through a class they are totally lost in.

    I'm sure you don't want to hear this, but it sounds like you don't deserve a passing grade in your class. Kids in grade-school have figured out how to do what you are talking about.



  • Don't need you here being judgemental. This is a forum for assistance and reporting bugs and such in the firewall system, so please don't be hypocritical and help. It's persons like you who make the world a loving hell. Instead of helping, you choose to be negative.
    This is the harsh world we live it and it ain't getting better with persons like you who quick to judge without acquiring the full details of the situation.



  • It can be done using some website that offer torrent downloading and you would use programs like internet download manager or download accelerator plus to download the torrent but that's not the aim here neither is using a paid VPN provider. The aim is to use of sense and route the p2p traffic through my home firewall, which is pfsense.



  • @tripplex:

    The aim is to use of sense and route the p2p traffic through my home firewall, which is pfsense.

    You can try forwarding the port on the Arris to pfSense and on pfSense to your VPN IP.

    Another alternative would be to use pfSense as your primary router by making it the DMZ host in the Arris. Then you only need port forwarding on pfSense.



  • @tripplex:

    Thanks very much but do you have any screen shot or a more easier and in depth way of explaining the setup in nat/ port forwarding please.

    ::), That was a bit dramatic. You already said you're just trying to get someone else how to tell you to do your networking assignment.

    Stop being lazy, do your own work.

    This forum is not here for others to make you a picture book to pass your class, and you are asking questions in the wrong forums.
    This forum is here to help people use this product successfully.
    You are misusing the forum.



  • @belt9:

    @tripplex:

    Thanks very much but do you have any screen shot or a more easier and in depth way of explaining the setup in nat/ port forwarding please.

    ::), That was a bit dramatic. You already said you're just trying to get someone else how to tell you to do your networking assignment.

    Stop being lazy, do your own work.

    This forum is not here for others to make you a picture book to pass your class, and you are asking questions in the wrong forums.
    This forum is here to help people use this product successfully.
    You are misusing the forum.

    Am not here to start an argument so you continue to argue since it seems like you enjoy it. Case closed.


  • Galactic Empire Netgate

    Guys, take it down a notch.


  • Rebel Alliance Global Moderator

    "The aim is to use of sense and route the p2p traffic through my home firewall, which is pfsense."

    Ok let me get this right… Your at school, and 443 is open outbound from the school network.  So you want to vpn into your home router running vpn, and run some p2p program from your school machine through your vpn connection to your home router..

    Is that the goal of this question/assignment?

    If so this is nothing more than creating the vpn and having it set as your default gateway on your vpn client. Bam you can run p2p all day long through this tunnel.  As long as p2p is not blocked or hindered on your home router.  Since your just like any other client behind your home router in this scenario.



  • Thanks for the help i am going to try this right now. There is hope just yet. :)


  • Rebel Alliance Global Moderator

    Keep in mind your ratios will prob not be good because your inbound port will not be forwarded.  What port do you have your client using for p2p?  You have to make sure to forward that on your pfsense to your vpn client IP that was given.

    This sort of setup really only going to work if you setup specific IP for the vpn client.  For example when I vpn in I always get the IP.. But p2p will work just from the download aspect, you would just not be able for swarm members to ask you for pieces, so they might ban you after awhile from sending you more if they can not get anything from you, etc.  This is how p2p works.. But if well seeded you can for sure just download even without the ability for other swarm members to request pieces from you.

    So you would want to forward whatever p2p port your client is using on pfsense to this IP

    Ethernet adapter Local Area Connection 2:

    Connection-specific DNS Suffix  . : local.lan
      Description . . . . . . . . . . . : TAP-Windows Adapter V9
      Physical Address. . . . . . . . . : 00-FF-1F-37-23-EC
      DHCP Enabled. . . . . . . . . . . : Yes
      Autoconfiguration Enabled . . . . : Yes
    **  IPv4 Address. . . . . . . . . . . : 10.0.8.100(Preferred)**
      Subnet Mask . . . . . . . . . . . : 255.255.255.0
      Lease Obtained. . . . . . . . . . : Friday, September 22, 2017 2:05:32 PM
      Lease Expires . . . . . . . . . . : Saturday, September 22, 2018 2:05:32 PM
      Default Gateway . . . . . . . . . :
      DHCP Server . . . . . . . . . . . : 10.0.8.254
      DNS Servers . . . . . . . . . . . : 192.168.9.253
      NetBIOS over Tcpip. . . . . . . . : Enabled



  • I was having some trouble using port 443 so i changed it to 53 and its working fine now. I created a nat forward rule to route traffic to the vpn client ip which 192.168.2.2 and it created the associate rule under the wan tab in firewall rules. So where should i set the ip for default gateway as you stated above? I assumed it was on the vpn client so i changed it from dynamic to static ip addressing.

    so i have as follows on the vpn client:

    this is of course set on the TAP adapter.

    ip: 192.168.2.2
    subnet: 255.255.255.0
    gateway: 192.168.2.1
    dns: 192.168.1.1

    Is that what you meant by setting the gateway on the vpn client?


  • Rebel Alliance Global Moderator

    you do not do it on the interface you do it via the vpn server hand your client a specific IP.. via client override..

    ifconfig-push 10.0.8.100 255.255.255.0

    Then again that would only be required if going to fordward to your client - this is not a requirement to get torrents to work.. Just if you wanted to have good sharing, etc.. That is beyond the scope of your question/assignment.

    You can grab stuff via p2p by just setting vpn traffic to be forced out the gateway in the server settings.



  • @johnpoz:

    You can grab stuff via p2p by just setting vpn traffic to be forced out the gateway in the server settings.

    how can i do this? thats if its different from what i stated above.



  • Rebel Alliance Global Moderator

    here