OpenVPN and TTL

behlul · February 28, 2022, 10:34pm

Hi,

I have tried to set the TTL value for OPENVPN Client, but seems like it doesn't change.

Is there any option or other way to change the TTL value of the packets on VPN connections?

Thank you.

lleachii · March 7, 2022, 6:54am

Usually, you change TTL at the source of the traffic (i.e. the client).

behlul · March 7, 2022, 7:18am

The client pc is windows based and user account is not an administrator. I cannot change client’s ttl.

I can change the ttl on the openwrt firewall by iptables etc. But when the connection is vpn, the ttl is unknown, I couldn’t trace it.

lleachii · March 7, 2022, 9:13am

Maybe I should ask about the use case...Why are you trying to change the TTL?

a TTL field cannot be unknown
perhaps explaining why you want to change the TTL may help
there may be a TTL setting for the VPN interface itself
iptables mangle rules can be used to increase, decrease or set a TTL

Do you have Internet traffic that isn't reaching the destination?

behlul · March 7, 2022, 1:07pm

I change ttl to get rid of tethering limitations.

And also I try to set my connection over vpn. The configuration is like this;

[client] - [router: openwrt, firewall ttl set, openvpn client connected] - [mobile router]

lleachii · March 7, 2022, 1:20pm

Then its against the forum rules to explain.

But I noted one method above:

Hope this help.

mk24 · March 7, 2022, 2:06pm

That is done on the "outside" of the VPN packets, the packets going to the VPN server via regular Internet. In other words it doesn't matter if the Windows endpoint (or any other LAN device) is running a VPN client or accessing the Internet directly. Your router would mangle all packets going to the Internet.