Water-tight VPN configuration

Installing and Using OpenWrt
1

I use NordVPN. My router (OpenWrt) is a client, via a Wireguard configuration.
The network is as follows:
Device (DHCP) <-> OpenWrt Router <-> ISP Modem/Router <-> Internet
My LAN subnet is 172.16.17.0/24. My router's WAN address is 192.168.1.2/24 and the WAN cable is plugged into the ISP Router's LAN.
My WAN interface has static DNSes for NordVPN (103.86.99.100, 103.86.96.100)[0]
Looking at dnsleaktest.com, running the extended tests shows that there is no DNS leak[1]
However, there are cases where some websites are tracing me to my location which VPN should be hiding. Some site specifically blocks me because I am using VPN[2].

wan_int
wan_int1359×1101 60.7 KB
[0]

s2
s21635×945 44.1 KB
[1]

keychron
keychron1512×1110 38.8 KB
[2]

So I am looking for gurus with VPN who can help me identify what I am not doing right. I suspect some IP routing could be the cause.

2

There is nothing you can do about that. The exit addresses of all mayor VPN providers are well known, and if not, they soon will be. And some sites blacklist those addresses.

Have you tried to clear the cookies? There might be leftovers from a previous visit without VPN.

1 Like
3

Another thing you must check is that IPv6 is disabled when the VPN is only v4. If your ISP offers IPv6 it needs to be blocked so clients can't go locally to the Internet via v6, bypassing the V4 VPN entirely.

Assuming it's not that, the first case is because the browser or some other application betrayed the location, and sent a cookie or some other information through the tunnel. The second case is self-explanatory: NordVPN's server "output" IPs are on a list that the service is going to block because it is a VPN. There is nothing the router can control about either of these cases.

4

Yes, I do clear my cache. Plus, I have other browsers that I do not use regularly and they suffer the same issue.

5

IPv6 is disabled on my OpenWrt router's WAN interface. My ISP also doesn't offer IPv6, but the ISP router is just the equivalent of a cable for me.
So it seems I am suffering your 2nd explanation and I probably need to change the OpenVPN server I am using to one of the latest ones before its IP address is added to the DB of VPN IPs and blocked :slight_smile:

6

VPN is not hiding your location, VPN is "moving" your location from your current location to the location of the VPN server.

Some sites/companies actively seek for VPN use (Netflix, amazon, your bank etc.) and if they found out you are using a VPN they will block you.

It is often a cat and mouse game between VPN providers and those wanting to block.

1 Like
7

Tough life this one. I have been trying to use some upcoming Alexa features (Alexa, let's chat) and Amazon keeps telling me it's not available in my region. Means they're kinda figuring out that I am not in the US :frowning: