Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Netgate's openvpn client's remote server and my homes public IP

    Scheduled Pinned Locked Moved OpenVPN
    7 Posts 3 Posters 540 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • opticalcO Offline
      opticalc
      last edited by

      So I have a standard openvpn connection to ProtonVPN and its up and working and my home clients when surfing have an EU IP address despite my home being in US. But I have a question on how some things are working.

      So in my Netgate's openvpn client config, it specifies a particular IP address as the remote endpoint server. It also specifies remote-random per the ProtonVPN instructions, as well as many other lines of remote entries, all with IP addresses. No FQDN anywhere.

      But then, when my home clients go to ipinfo.io to check their IP address, a completely different IP shows up, this IP does not exist anywhere in my OpenVPN config.

      How is that possible?

      Anyhow, the larger question, is that RAI (streaming service) still wont let my home PCs stream, I guess they know that Im on a VPN. BUT on my phone connected to ProtonVPN, on ipinfo I get almost identical IP address as the home clients, the first 3 octets are the same, the 4th octet is really close bit different. Why does RAI allow the phone but not the home PCs?

      N GertjanG 2 Replies Last reply Reply Quote 0
      • N Offline
        netblues @opticalc
        last edited by

        @opticalc remote-random deals with load balancing protonvpn servers your client is connecting.
        They have most probably opted to ip addresses as dns resolution gives out you are connecting to a vpn and it could be tracked (or blocked) at the dns level, which is rather easy.

        If the public ip could occur in your client vpn settings then you wouldn't need protonvpn in the first place.

        a vpn establishes a point to point connection, and optionally routes all traffic to this connection. This is where the magic ends
        What the remote point does to provide you with internet access, (namely nat) is totaly beyond openvpn service and configuration.

        As for rai, maybe they are looking at the user agent of the browser, or some other "magic"
        It is known that vpn ip's are often blacklisted from such services, precisely because they are used to bypass geolocation.

        Not much you can do except switch vpn providers and pray.
        (or setup a local openvpn server in italy.home based, and connect through that, but then this is most often beyond the capabilities of most vpn customers anyway)

        opticalcO 1 Reply Last reply Reply Quote 0
        • GertjanG Offline
          Gertjan @opticalc
          last edited by

          @opticalc said in Netgate's openvpn client's remote server and my homes public IP:

          BUT on my phone connected to ProtonVPN, on ipinfo I get almost identical IP address as the home clients, the first 3 octets are the same, the 4th octet is really close bit different.

          Info is missing.
          Your phone uses your lcoal wifi, right ?
          So your PC uses, for example, 192.168.1.10 as it's IP, and your phone got 192.168.1.15, right ?

          Your question can be exlplaiend like this : your PC uses the Internet by going over the VPN.
          Your phone doesn't.
          Check with http://checkip.dyndns.org
          Visit http://checkip.dyndns.org oin your PC : you see the WAN IP it uses - most probably a proton owned IP
          Do the same thing on your phone. Now you see your ISP WAN IP. Right ?

          @opticalc said in Netgate's openvpn client's remote server and my homes public IP:

          But then, when my home clients go to ipinfo.io to check their IP address

          The IP you use to connect to your VPN isn't your "VPN WAN IP", the one "Internet" will see, the one where you requests came from. It's just a IP where you connect to to connect to the VPN server.

          And yes, content suppliers don't like VPN IPs at all.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          opticalcO 1 Reply Last reply Reply Quote 0
          • opticalcO Offline
            opticalc @Gertjan
            last edited by

            @Gertjan Im not sure I understand you, or that you understand me.

            My home's PFSense is an openvpn client. When my home PCs go to ipinfo.io to determine what RAI will "see" as my home PCs IP address, and then geolocate my PC as being in Italy, that website returns 146.70.182.x but my home PC (firefox private browsing) cannot view content at RAI.

            But with my phone that is not on my home network connects to protonvpn, and then on my phone I go to ipinfo.io to determine what RAI will "see" as my phones IP address, and then geolocate my phone as being in Italy, that website returns 146.70.182.(x+20) so very close to the same IP, definitely in the same /26 network, even.

            But my phone can view RAI content, while that home PC cannot.

            GertjanG 1 Reply Last reply Reply Quote 0
            • GertjanG Offline
              Gertjan @opticalc
              last edited by Gertjan

              @opticalc said in Netgate's openvpn client's remote server and my homes public IP:

              But with my phone that is not on my home network connects to protonvpn, and then on my phone I go to ipinfo.io to determine what RAI will "see" as my phones IP address, and then geolocate my phone as being in Italy, that website returns 146.70.182.(x+20)

              So your phone is using a VPN client, so 146.70.1822.x+20 is a Proton IP ? Right ?
              Btw : why hiding supposed VPN IPs ?

              If your home PC tells you 146.70.1822.x is your WAN IP, so indeed in the same network as your phone, they use both a pretty identical "path" to the Internet.

              So both are using Proton, or both are not using Proton.

              A VPN supplier doesn't use an IP like 146.70.1822.x/32 - they use 146.70.1822.x/24 or smaller.

              (firefox private browsing)

              Ah, that might also explain why RAI won't work.

              edit : https://whatismyipaddress.com/ip/146.70.182.1 so the entire 192.168.182.1 (/24) is a VPN server IP. No need to hide these. The info is public ^^

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              1 Reply Last reply Reply Quote 0
              • opticalcO Offline
                opticalc @netblues
                last edited by

                @netblues

                well i figured it out... did a dns leak check and it was leaking DNS due to my client still using PFSense as the DNS server, set my home pc client to opendns and it all is working like expected.

                GertjanG 1 Reply Last reply Reply Quote 0
                • GertjanG Offline
                  Gertjan @opticalc
                  last edited by

                  @opticalc said in Netgate's openvpn client's remote server and my homes public IP:

                  and it was leaking DNS due to my client still using PFSense as the DNS server

                  Unbound (the pfSense resolver) can be forced to use the VPN connection also .....

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.