Hi, i have this weird issue where both my IVPN and my AirVPN connection works only if i do the following:

Disabile WiFi Connect to LTE and open either IVPN or AirVPN Connect to wireguard protocol Enable WiFi and Connect to it Disabile LTE

Now it works

If i try to connect to wireguard protocol from WiFi directly (corporate WiFi) it doesnt work

Any idea why?

If i Connect from my home WiFi it works normally

Thanks

  • Max-P
    link
    fedilink
    English
    35 months ago

    Your work is likely blocking the domains they use for authentication, but once you’re registered and got the peer IP and port, once you’re back on WiFi the corporate firewall doesn’t catch that.

    A lot of VPNs just log in over an HTTPS API which isn’t exactly stealthy.

    • @PeroBastaOP
      link
      English
      25 months ago

      Thanks for the insight, any way of bypassing this block?

      • Max-P
        link
        fedilink
        English
        4
        edit-2
        5 months ago

        Apart from automating the quick hop to LTE to turn it on, not really.

        Some VPNs stack two VPNs together, one that’s just to get on their network and the other being the real one. It helps a bit.

        Although the ones that care about evading firewalls are typically not bargain bin VPNs like AirVPN and IVPN, and typically don’t use WireGuard because it’s terrible at hiding. It’s very good, very secure and very performant, but it also doesn’t try to masquerade as just another website or some form of TLS protocol over port 443. The serious ones have things like WebSockets, ShadowSocks, meek, and whatever one works on China today. But do you really need that much? It’s usually the kind of stuff where you have to make a choice between performance and bypassing most firewalls.

        Sometimes OpenVPN will go through, because it can do that so if the firewall isn’t too smart it will miss it. But if WireGuard works by just authenticating over LTE, eh, worth it.

        (And even then, if I was in charge of corporate IT and had to lock down the network to prevent exfiltration, you wouldn’t get any VPN past me, because I wouldn’t care about collateral I can just allowlist as it comes up. That’s a tradeoff places like Russia and China can’t quite afford.)

        • @PeroBastaOP
          link
          English
          25 months ago

          Thank you for the answer. I tried as well to do the same using open VPN protocol but after I drop LTE it disconnect.