VPN blocked?
-
@johnpoz It is a fair point John and I may re-evaluate my need for a VPN. It does add some frustration and nuance.
The way I understand the query minimization is that it keeps any single entity of seeing all of your browsing habits, at the expense of dealing with some resolving issues. With a single provider having the reverse pro/con. I suppose it is weighing convenience against privacy.
I do appreciate everyone's patience explaining these topics to me. It has been extremely educational.
-
I don't get this "rush to VPNs for privacy" thing either. It's like the VPN providers out there have used slick marketing to create a demand for their product. They get a potential goldmine of information from their users. They say they "don't log", but do you really believe that? Do you not realize that any provider in any Western democracy can easily be coerced via legal means to divulge everything about a user or even a group of users in the name of a criminal investigation or "national security". So if you are paranoid about "big brother" watching you, then a VPN provider is the very last thing you want because that just serves to draw attention to you. Why? Because the favorite haunt of cyber bad guys are services like VPNs and TOR. That's one reason VPN services have started to get on "bad reputation" IP lists.
My beef with VPN services is that folks jump into using them without understanding the true ramifications, then they come here and to other forums whining about various "broken" things wanting to blame it on other software. For example, it's not unusual for a user to post about some issue they are blaming on a pfSense bug; but, you finally drag it out of them 4 or 5 posts later in their rant about their problem that "oh, yeah, I am using VPN provider xyz" and it turns out that is the problem because these VPN IP net blocks are winding up on so many blacklists.
Finally, using a VPN bogs your firewall CPU down with encrypting and decrypting every single packet that traverses the wire. It also adds lots of latency to your connections as traffic has to bounce back and forth from your VPN provider's entry and exit points and your local ISP.
-
It seems I am having the same issue. I am currently using AIRVPN provider and I cannot open this forum.
Is it possible that the AirVpn ip addresses servers are blacklisted?
Thanks -
Spammers use VPNs....so they all get blacklisted bit by bit.
-Rico
-
Fair enough even if criminals use cars, mobile phones, computers but all of those can still be bought
... I am a newbie and i am wondering if someone would be able to tell me if (and how eventually) I can bypass the VPN connection to connect to the pfsense forum without having to change network.
Thank you very much -
Depending on your VPN Setup it should be no problem to policy route by setting destination IP to 208.123.73.199 (this forum) and choosing your default gateway (Advanced options in the Firewall Rule).
-Rico
-
@zapoteknico said in VPN blocked?:
Fair enough even if criminals use cars, mobile phones, computers but all of those can still be bought
...Right but if you choose to drive a car that was just used in a bank robbery you'll get pulled over.
-
Hello Rico.
Thank you very much.
I understand what you say however I have no understanding of how I would be able to achieve that in pfesense.
I understand i might be asking a lot but any help in pointing me to how to create thoae rules would really help -
@derelict indeed... However the difference here is the brand of the car, not exactly the same car...if a Mercedes is used in a bank robbery, not all Mercedes drivers will be stopped
-
You create this Firewall Rule for the Interface you want to bypass forum.netgate.com (typically LAN) and put on top of your Rules:
hit Display Advanced and set your ISP Gateway (or default if your ISP GW is still the system default):
-Rico
-
If your going to policy route, make sure your not pulling routes from your vpn service - most of their crap guides want you to pull their route so they are default, and most of them mistakenly tell you to do manual outbound nat, etc.
-
Thank you very much for the help but i am surrendering.
I understand half of the things you talk about and I think i have rules setup that makes impossibile to create those exemptions (followed the above suggestions but it didn't work)
I don't want to bother anyone more than needed as I am going to reconfigure everything tomorrow (getting a new mini pc)Thank you :)
-
This post is deleted!
