Is My OpenVPN Traffic Being Decrypted?

Hello everyone,


As per my previous post about OpenVPN on pfSense, I would like to tell you all about a problem that I’ve been having recently since I started trying to use it to protect myself on my school’s public WiFi network. You see, I, like all college students, have a smartphone, and I can create my own private wireless hotspot with it. I connect my laptop to it while I’m in class so I don’t have to use the school’s WiFi. Typically this works fairly well, but there is one problem: I don’t have an unlimited data plan. So when I run out of high-speed data, my carrier drops me down to a really slow speed (measured in kilobytes/second). I can understand this; we didn’t buy an unlimited plan, and frankly they could just remove my access to the Internet altogether. But they are actually quite nice and just nerf your speed.

To combat this issue, I’ve been using my OpenVPN server that is installed as a pfSense package, setting all traffic to go through that, and then using the school’s public WiFi. However, I’ve run into a very strange issue: when I connect to the school’s WiFi, it blocks my access to the Internet when I’m using the VPN, which is very strange and confusing. I can still connect to my internal servers just fine. I just can’t connect out to the Internet. As soon as I disconnect from the VPN, I get Internet access again.

At first I thought it was some sort of misconfiguration on my end (and really I still haven’t ruled that possibility out). So I fired up my trusty WiFi hotspot on my phone and used that. No problems: I was able to browse the Internet connecting through the VPN just fine, and it appeared to websites as if I had accessed them from home. I connect back to the school WiFi, I get access to the Internet. I connect to the VPN, I lose connection to the outside world (although once again I was still able to access my internal servers that I have on my network at home). It’s very strange.

I was already confused at this point. OpenVPN is supposed to be encrypted, and everything I’ve read still says that it is. So I can’t understand how the firewall at my college manages to see me trying to access the Internet through my VPN. In all fairness, the school’s network has a firewall so people can’t do bad stuff on their network (for obvious reasons). Since the VPN bypasses all of that, I really shouldn’t be so surprised that they would block that type of thing, even though I would NEVER use their connection to do bad things on the Internet (the VPN goes through my home network, for goodness’ sake!). I really shouldn’t be surprised that they don’t allow outbound OpenVPN connections. But they do. I can still connect to the VPN, and I can still access internal servers through the VPN. I just can’t access the outside Internet through it.

I know that this has something to do with the school’s firewall, as I have classes that are taught at different campuses and the VPN works fine there. It’s just when I’m at the main campus that I have problems. I’m also really confused because the connection is supposed to be encrypted. As far as the school’s firewall is concerned, I’m just connecting to my home server and nothing else. I’m just very confused about the whole thing.

Does anyone have any idea how this is happening?


UPDATE: This thread describes the problem pretty well, but that still doesn’t really explain why it fails to work properly on some networks and not others.

