Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PIA VPN removes stealth mode at GRC Shieldsup

    Scheduled Pinned Locked Moved OpenVPN
    8 Posts 4 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      steviewunda
      last edited by

      Hi - with the OpenVPN client disabled, I get a pass at GRC's Shieldsup (all ports in stealth mode). With it enabled, it fails the stealth test on all ports, and shows ports 22, 80, 110, and 443 as Open. What do I need to do to use the PIA VPN and maintain stealth mode, or is this not possible?

      1 Reply Last reply Reply Quote 0
      • S
        steviewunda
        last edited by

        I should have mentioned that i'm on pfSense 2.4.4 r2

        1 Reply Last reply Reply Quote 0
        • T
          TheNarc
          last edited by

          Don't worry about it. When you're connected through a VPN this way, the WAN IP is not really your WAN IP, it's the VPN provider's server's IP. So the GRC scan is telling you that those ports are open on whatever PIA VPN server you are connected to, not that they are open on your pfSense machine.

          1 Reply Last reply Reply Quote 0
          • S
            steviewunda
            last edited by

            Thanks for that.
            As a side note, I found that I had to disable my VPN to access this forum - is that usual?

            S GertjanG 2 Replies Last reply Reply Quote 0
            • S
              steviewunda @steviewunda
              last edited by

              It seems strange that a network security oriented forum would require its members to disable their VPN?

              DerelictD 1 Reply Last reply Reply Quote 0
              • GertjanG
                Gertjan @steviewunda
                last edited by

                @steviewunda said in PIA VPN removes stealth mode at GRC Shieldsup:

                is that usual

                This can happen.
                For example : https://forum.netgate.com/topic/136229/vpn-blocked

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                1 Reply Last reply Reply Quote 0
                • DerelictD
                  Derelict LAYER 8 Netgate @steviewunda
                  last edited by

                  @steviewunda said in PIA VPN removes stealth mode at GRC Shieldsup:

                  It seems strange that a network security oriented forum would require its members to disable their VPN?

                  It'd be great if spammers didn't use VPNs to hide their source IP addresses. But they do, so the reputation of VPN source addresses is reduced.

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • S
                    steviewunda
                    last edited by

                    Thanks for the info guys

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.