Menu
What's new
By:
Filters Better Search

VPN Director - This can't be right

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

privacyguy123 said:
Awaiting update from their support staff ... it could be their apps modify the packets in some way in order to get a reply?
Click to expand...
My tcpdump looks like this:
Code: 
22:08:27.393090 IP 10.0.69.214 > dns.google: ICMP echo request, id 1458, seq 1, length 64
22:08:27.402279 IP 209.85.174.232 > 10.0.69.214: ICMP time exceeded in-transit, length 76
22:08:28.537525 IP 10.0.69.214 > dns.google: ICMP echo request, id 1510, seq 1, length 64
22:08:28.551100 IP 209.85.253.253 > 10.0.69.214: ICMP time exceeded in-transit, length 76
22:08:29.685557 IP 10.0.69.214 > dns.google: ICMP echo request, id 1561, seq 1, length 64
22:08:29.698914 IP 108.170.233.41 > 10.0.69.214: ICMP time exceeded in-transit, length 76
So a ping to target (dns.google) followed by a time exceeded reply from a different ip. This time exceeded packets gives traceroute info about which hosts the packet are passing.
 
ZebMcKayhan said:
My tcpdump looks like this:
Code: 
22:08:27.393090 IP 10.0.69.214 > dns.google: ICMP echo request, id 1458, seq 1, length 64
22:08:27.402279 IP 209.85.174.232 > 10.0.69.214: ICMP time exceeded in-transit, length 76
22:08:28.537525 IP 10.0.69.214 > dns.google: ICMP echo request, id 1510, seq 1, length 64
22:08:28.551100 IP 209.85.253.253 > 10.0.69.214: ICMP time exceeded in-transit, length 76
22:08:29.685557 IP 10.0.69.214 > dns.google: ICMP echo request, id 1561, seq 1, length 64
22:08:29.698914 IP 108.170.233.41 > 10.0.69.214: ICMP time exceeded in-transit, length 76
So a ping to target (dns.google) followed by a time exceeded reply from a different ip. This time exceeded packets gives traceroute info about which hosts the packet are passing.
Click to expand...
Despite every hop timing out I see this in tcpdump

tcpdump -i wgc1 icmp
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on wgc1, link-type RAW (Raw IP), snapshot length 262144 bytes
21:20:04.920353 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1870, length 72
21:20:04.942477 IP 10.2.0.1 > 10.2.0.2: ICMP time exceeded in-transit, length 100
21:20:08.700052 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1871, length 72
21:20:08.721847 IP 10.2.0.1 > 10.2.0.2: ICMP time exceeded in-transit, length 100
21:20:12.699919 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1872, length 72
21:20:12.723153 IP 10.2.0.1 > 10.2.0.2: ICMP time exceeded in-transit, length 100
21:20:16.696557 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1873, length 72
21:20:16.728603 IP unn-154-47-24-205.datapacket.com > 10.2.0.2: ICMP time exceeded in-transit, length 100
21:20:20.710024 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1874, length 72
21:20:20.732944 IP unn-154-47-24-205.datapacket.com > 10.2.0.2: ICMP time exceeded in-transit, length 100
21:20:24.707981 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1875, length 72
21:20:24.728941 IP unn-154-47-24-205.datapacket.com > 10.2.0.2: ICMP time exceeded in-transit, length 100
21:20:28.706562 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1876, length 72
21:20:28.727902 IP vl204.lon-tel-core-2.cdn77.com > 10.2.0.2: ICMP time exceeded in-transit, length 100
21:20:32.705307 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1877, length 72
21:20:32.726058 IP vl204.lon-tel-core-2.cdn77.com > 10.2.0.2: ICMP time exceeded in-transit, length 100
21:20:36.718266 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1878, length 72
21:20:36.758798 IP vl204.lon-tel-core-2.cdn77.com > 10.2.0.2: ICMP time exceeded in-transit, length 100
21:20:40.717086 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1879, length 72
21:20:40.740015 IP be6368.ccr21.lon02.atlas.cogentco.com > 10.2.0.2: ICMP time exceeded in-transit, length 76
21:20:44.715386 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1880, length 72
21:20:44.737712 IP be6368.ccr21.lon02.atlas.cogentco.com > 10.2.0.2: ICMP time exceeded in-transit, length 76
21:20:48.714379 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1881, length 72
21:20:48.740745 IP be6368.ccr21.lon02.atlas.cogentco.com > 10.2.0.2: ICMP time exceeded in-transit, length 76
21:20:52.726745 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1882, length 72
21:20:52.748332 IP be2572.ccr41.lon13.atlas.cogentco.com > 10.2.0.2: ICMP time exceeded in-transit, length 76
21:20:56.724826 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1883, length 72
21:20:56.746617 IP be2572.ccr41.lon13.atlas.cogentco.com > 10.2.0.2: ICMP time exceeded in-transit, length 76
21:21:00.775813 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1884, length 72
21:21:00.795926 IP be2572.ccr41.lon13.atlas.cogentco.com > 10.2.0.2: ICMP time exceeded in-transit, length 76
21:21:04.721669 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1885, length 72
21:21:04.808406 IP be2099.ccr31.bos01.atlas.cogentco.com > 10.2.0.2: ICMP time exceeded in-transit, length 76
21:21:08.735400 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1886, length 72
21:21:08.818853 IP be2099.ccr31.bos01.atlas.cogentco.com > 10.2.0.2: ICMP time exceeded in-transit, length 76
21:21:12.734385 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1887, length 72
21:21:12.818280 IP be2099.ccr31.bos01.atlas.cogentco.com > 10.2.0.2: ICMP time exceeded in-transit, length 76
21:21:16.732912 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1888, length 72
21:21:16.818586 IP 38.88.15.34 > 10.2.0.2: ICMP time exceeded in-transit, length 36
21:21:20.731430 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1889, length 72
21:21:20.818899 IP 38.88.15.34 > 10.2.0.2: ICMP time exceeded in-transit, length 36
21:21:24.729655 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1890, length 72
21:21:28.744072 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1891, length 72
21:21:28.829701 IP ae-66.core1.bsb.edgecastcdn.net > 10.2.0.2: ICMP time exceeded in-transit, length 36
21:21:32.742191 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1892, length 72
21:21:32.825736 IP ae-66.core1.bsb.edgecastcdn.net > 10.2.0.2: ICMP time exceeded in-transit, length 36
21:21:36.740262 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1893, length 72
21:21:36.835083 IP ae-66.core1.bsb.edgecastcdn.net > 10.2.0.2: ICMP time exceeded in-transit, length 36
21:21:40.739187 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1894, length 72
21:21:40.824373 IP 93.184.216.34 > 10.2.0.2: ICMP echo reply, id 1, seq 1894, length 72
21:21:40.827350 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1895, length 72
21:21:40.912607 IP 93.184.216.34 > 10.2.0.2: ICMP echo reply, id 1, seq 1895, length 72
21:21:40.917168 IP 10.2.0.2 > 93.184.216.34: ICMP echo request, id 1, seq 1896, length 72
21:21:41.004635 IP 93.184.216.34 > 10.2.0.2: ICMP echo reply, id 1, seq 1896, length 72
Click to expand...
 
privacyguy123 said:
Despite every hop timing out I see this in tcpdump
Click to expand...
So the packets are received by your router, probably not proton then.
Could you see the same time exceeded packets sent to your lan?
Code: 
tcpdump -i br0 icmp
But beware, this Interface is much noisier so you might to dig through some to find your packets.
 
ZebMcKayhan said:
So the packets are received by your router, probably not proton then.
Could you see the same time exceeded packets sent to your lan?
Code: 
tcpdump -i br0 icmp
But beware, this Interface is much noisier so you might to dig through some to find your packets.
Click to expand...
Only noise seems to be .5 and .6 the Sky boxes sending keep alive pings I guess.

-i br0 icmp
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on br0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
21:33:51.566349 IP 192.168.50.5 > RT-AX58U-5468.lan: ICMP echo request, id 43778, seq 3681, length 28
21:33:51.566431 IP RT-AX58U-5468.lan > 192.168.50.5: ICMP echo reply, id 43778, seq 3681, length 28
21:33:54.949365 IP 192.168.50.6 > RT-AX58U-5468.lan: ICMP echo request, id 17668, seq 1953, length 28
21:33:54.949480 IP RT-AX58U-5468.lan > 192.168.50.6: ICMP echo reply, id 17668, seq 1953, length 28
21:33:55.673879 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1957, length 72
21:33:55.674028 IP RT-AX58U-5468.lan > DESKTOP-TF5I6LD.lan: ICMP time exceeded in-transit, length 100
21:33:55.675868 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1958, length 72
21:33:55.675975 IP RT-AX58U-5468.lan > DESKTOP-TF5I6LD.lan: ICMP time exceeded in-transit, length 100
21:33:55.677784 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1959, length 72
21:33:55.677879 IP RT-AX58U-5468.lan > DESKTOP-TF5I6LD.lan: ICMP time exceeded in-transit, length 100
21:33:56.687876 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1960, length 72
21:34:00.687622 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1961, length 72
21:34:04.700054 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1962, length 72
21:34:06.578675 IP 192.168.50.5 > RT-AX58U-5468.lan: ICMP echo request, id 43778, seq 3682, length 28
21:34:06.578753 IP RT-AX58U-5468.lan > 192.168.50.5: ICMP echo reply, id 43778, seq 3682, length 28
21:34:08.698897 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1963, length 72
21:34:12.698453 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1964, length 72
21:34:16.696010 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1965, length 72
21:34:20.709600 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1966, length 72
21:34:21.581549 IP 192.168.50.5 > RT-AX58U-5468.lan: ICMP echo request, id 43778, seq 3683, length 28
21:34:21.581640 IP RT-AX58U-5468.lan > 192.168.50.5: ICMP echo reply, id 43778, seq 3683, length 28
21:34:24.707820 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1967, length 72
21:34:24.964401 IP 192.168.50.6 > RT-AX58U-5468.lan: ICMP echo request, id 17668, seq 1954, length 28
21:34:24.964508 IP RT-AX58U-5468.lan > 192.168.50.6: ICMP echo reply, id 17668, seq 1954, length 28
21:34:28.706145 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1968, length 72
21:34:32.706245 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1969, length 72
21:34:36.594603 IP 192.168.50.5 > RT-AX58U-5468.lan: ICMP echo request, id 43778, seq 3684, length 28
21:34:36.594688 IP RT-AX58U-5468.lan > 192.168.50.5: ICMP echo reply, id 43778, seq 3684, length 28
21:34:36.718554 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1970, length 72
21:34:40.716474 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1971, length 72
21:34:44.715175 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1972, length 72
21:34:48.719697 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1973, length 72
21:34:51.596659 IP 192.168.50.5 > RT-AX58U-5468.lan: ICMP echo request, id 43778, seq 3685, length 28
21:34:51.596740 IP RT-AX58U-5468.lan > 192.168.50.5: ICMP echo reply, id 43778, seq 3685, length 28
21:34:52.715235 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1974, length 72
21:34:54.980372 IP 192.168.50.6 > RT-AX58U-5468.lan: ICMP echo request, id 17668, seq 1955, length 28
21:34:54.980487 IP RT-AX58U-5468.lan > 192.168.50.6: ICMP echo reply, id 17668, seq 1955, length 28
21:34:56.725961 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1975, length 72
21:35:00.724418 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1976, length 72
21:35:04.722830 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1977, length 72
21:35:06.611549 IP 192.168.50.5 > RT-AX58U-5468.lan: ICMP echo request, id 43778, seq 3686, length 28
21:35:06.611623 IP RT-AX58U-5468.lan > 192.168.50.5: ICMP echo reply, id 43778, seq 3686, length 28
21:35:08.721660 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1978, length 72
21:35:12.736650 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1979, length 72
21:35:16.733036 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1980, length 72
21:35:20.731284 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1981, length 72
21:35:21.612740 IP 192.168.50.5 > RT-AX58U-5468.lan: ICMP echo request, id 43778, seq 3687, length 28
21:35:21.612819 IP RT-AX58U-5468.lan > 192.168.50.5: ICMP echo reply, id 43778, seq 3687, length 28
21:35:24.729158 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1982, length 72
21:35:24.999511 IP 192.168.50.6 > RT-AX58U-5468.lan: ICMP echo request, id 17668, seq 1956, length 28
21:35:24.999626 IP RT-AX58U-5468.lan > 192.168.50.6: ICMP echo reply, id 17668, seq 1956, length 28
21:35:28.743174 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1983, length 72
21:35:32.742447 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1984, length 72
21:35:32.831713 IP 93.184.216.34 > DESKTOP-TF5I6LD.lan: ICMP echo reply, id 1, seq 1984, length 72
21:35:32.837488 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1985, length 72
21:35:32.929221 IP 93.184.216.34 > DESKTOP-TF5I6LD.lan: ICMP echo reply, id 1, seq 1985, length 72
21:35:32.932635 IP DESKTOP-TF5I6LD.lan > 93.184.216.34: ICMP echo request, id 1, seq 1986, length 72
21:35:33.024952 IP 93.184.216.34 > DESKTOP-TF5I6LD.lan: ICMP echo reply, id 1, seq 1986, length 72
21:35:36.628114 IP 192.168.50.5 > RT-AX58U-5468.lan: ICMP echo request, id 43778, seq 3688, length 28
21:35:36.628192 IP RT-AX58U-5468.lan > 192.168.50.5: ICMP echo reply, id 43778, seq 3688, length 28
Click to expand...
 
privacyguy123 said:
Only noise seems to be .5 and .6 the Sky boxes sending keep alive pings I guess.
Click to expand...
The only time exceeded packets here are from the router itself, no others. This is where we differ:
Code: 
22:25:48.174938 IP 192.168.128.221 > dns.google: ICMP echo request, id 2590, seq 1, length 64
22:25:48.184738 IP 209.85.174.232 > 192.168.128.221: ICMP time exceeded in-transit, length 76
22:25:50.020521 IP 192.168.128.221 > dns.google: ICMP echo request, id 2591, seq 1, length 64
22:25:50.032990 IP 209.85.253.253 > 192.168.128.221: ICMP time exceeded in-transit, length 76
22:25:51.252702 IP 192.168.128.221 > dns.google: ICMP echo request, id 2592, seq 1, length 64
22:25:51.265604 IP 108.170.233.41 > 192.168.128.221: ICMP time exceeded in-transit, length 76

In your case the router seems to block these, or at least it's not forwarding them.
 
ZebMcKayhan said:
The only time exceeded packets here are from the router itself, no others. This is where we differ:
Code: 
22:25:48.174938 IP 192.168.128.221 > dns.google: ICMP echo request, id 2590, seq 1, length 64
22:25:48.184738 IP 209.85.174.232 > 192.168.128.221: ICMP time exceeded in-transit, length 76
22:25:50.020521 IP 192.168.128.221 > dns.google: ICMP echo request, id 2591, seq 1, length 64
22:25:50.032990 IP 209.85.253.253 > 192.168.128.221: ICMP time exceeded in-transit, length 76
22:25:51.252702 IP 192.168.128.221 > dns.google: ICMP echo request, id 2592, seq 1, length 64
22:25:51.265604 IP 108.170.233.41 > 192.168.128.221: ICMP time exceeded in-transit, length 76

In your case the router seems to block these, or at least it's not forwarding them.
Click to expand...
That's not something I would have set/even know how to set ...
 
privacyguy123 said:
That's not something I would have set/even know how to set ...
Click to expand...
No... and it's not blocked by the firewall, atleast not in the forward chain which is used for access control... we even tried to explicitly accept icmp type 11 and it still didn't work...
And it's weird that it works for me but we have different routers so obviously something is different in fw implementation.
 
ZebMcKayhan said:
No... and it's not blocked by the firewall, atleast not in the forward chain which is used for access control... we even tried to explicitly accept icmp type 11 and it still didn't work...
And it's weird that it works for me but we have different routers so obviously something is different in fw implementation.
Click to expand...
Works for you as in: you have ProtonVPN and use their WireGuard config file in your router?
 
privacyguy123 said:
Works for you as in: you have ProtonVPN and use their WireGuard config file in your router?
Click to expand...
No, as your router receives the "time exceeded" messages from all hosts on wgc1 this is not a proton vpn problem. But we both get these on wgc1 but my router forwards them to br0 but your router don't.
The router doesn't care about which vpn supplier we use, it behaves the same. But something is different between yours and mine.
 
Nothing but headaches with this fw implementation. Im not sure it's for me, got a OpenWRT router on the shopping list to be honest.
 
You must log in or register to reply here.

Similar threads

tRiFFiD
RT-AX56U - SSL error when accessing a specific website
Replies
12
Views
908
tRiFFiD
tRiFFiD
I
Cannot ping gateway
Replies
2
Views
588
drinkingbird
drinkingbird
B
World of warcraft latency issues
Replies
6
Views
1K
Zulgrib
Zulgrib
Lynx
Double NAT? Confused!
Replies
15
Views
4K
Ostracizado
O
NetworkPacketsUnlimited
ATT Fiber - slow application responses
Replies
0
Views
948
NetworkPacketsUnlimited
NetworkPacketsUnlimited
Similar threads
Thread starter Title Forum Replies Date
O Assigned IP address to the WAN interface via VPN director: no internet connection - why? Asuswrt-Merlin 1
A Asus Merlin 388.6_2 VPN-Director Asuswrt-Merlin 5
M VPN FUSION & VPN DIRECTOR Merlin Firmware Asuswrt-Merlin 34
S VPN director and LAN traffic Asuswrt-Merlin 2
J Correctly using VPN Director? Asuswrt-Merlin 2
L&LD Problem with VPN Director Asuswrt-Merlin 6
devhell How I can dynamically manage VPN director rules list by CLI Asuswrt-Merlin 0
M VPN Director Stopped Working Asuswrt-Merlin 1
C VPN Policy rules director Asuswrt-Merlin 1
128bit can VPN Director be set to automatically use the wan for youtubeTV? Asuswrt-Merlin 8

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 878 (members: 21, guests: 857)
Top