OpenVPN UK Server but content is incorrectly blocked

dkay · May 16, 2023, 8:01pm

Are you able to ping the address mentioned in nslookup?
Is it private or public?

spacebiscuit999 · May 17, 2023, 5:07pm

nslookup
Server:  OpenWrt.lan
Address:  fdf1:fc79:****::1

*** No internal type for both IPv4 and IPv6 Addresses (A+AAAA) records available for nslookup
> ping fdf1:fc79:bf15::1
Server:  [fdf1:fc79:****::1]
Address:  fdf1:fc79:****::1

*** No internal type for both IPv4 and IPv6 Addresses (A+AAAA) records available for ping

lleachii · May 17, 2023, 5:13pm

If you are running the command: nslookup example.com:80

try instead:

nslookup example.com

i.e. without the ":80" portion appended.

spacebiscuit999 · May 17, 2023, 5:23pm

nslookup of google.com (no port appended)

nslookup google.com
*** Can't find address for server google.com: Query refused

hecatae · May 17, 2023, 5:25pm

So I'm curious what you see when the VPN is connected and you are SSH into the device, does the VPN server give you a specific DNS server or are you seeing a race condition where the router is falling back to a quicker DNS server on your public IP address?

egc · May 17, 2023, 5:53pm

One of the problems i see in the client config is:

route 0.0.0.0 0.0.0.0

this might destroy the default route.
If the tunnel goes down the default route will not come back.

It is unusual to do it like this, every prudent user/provider would use:
redirect-gateway def1 instead

Actually redirect gateway def1 is normally pushed by the server so should not be necessary at all.

That said it has nothing to do with your detection by the BBC but it could be the reason why you have to reboot if the VPN is not working or you are switching the VPN.

What VPN provider is this? (so I will know and can avoid it )

I have ample experience with BBC iPlayer and using a VPN and sometimes it is just blocking a VPN, but misconfiguration is also possible.

You have to make sure your DNS is also through the tunnel
Your browser can also give you away, make sure webRTC is disabled and preferably, use private/ incognito mode for your browser

spacebiscuit999 · May 17, 2023, 6:15pm

Just figured something.... whilst my connection is unable to resolve dns, I discovered another device on my network that had connected to Openwrt and I noticed that it had the VPN's IP address and was able to resolve dns. So moving back to m main machine I run ipconfig /flushdns and nslookup now works.

Both connections still are unable to stream content from iplayer though

The VPN is PureVPN, but note this works fine when using OpenVPN's desktop app (i-player works every time)

When I ssh into OpenWRT and run nslookup:

root@OpenWrt:~# nslookup google.com
Server:         8.8.8.8
Address:        8.8.8.8#53

Name:      google.com
Address 1: 142.250.200.46
Address 2: 2a00:1450:4009:823::200e

I've been using Incognito mode mostly during this test.