Jump to content

Recommended Posts

I was interested in using the Hybrid VPN to segregate some traffic on my network but I've ran into a few issues.

Router: XR 500 v2.3.2.130
VPN: HMA

After signing up for HMA, I tried to connect but it looks like they may have change their encryption method or something
Error connecting over TCP:
WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
It looks like this should be an easy enough fix to change the flag in the OpenVPN config, but I'm no expert.  

UDP connects, but all traffic goes through the VPN (seems like all or nothing), not using the IP ranges I entered for services (easy test was setting ports 80 and 443 and asking google what my IP was). I saw another post where it suggested using TCP but again that never connects.

Any suggestions would be appreciated.  

Link to comment
Share on other sites

Hi Fraser,

I was using the basic setup.  I just tried advanced by downloading the HMA setup files:
https://support.hidemyass.com/hc/en-us/articles/202721966-I-need-the-config-files-ovpn-for-setting-up-HMA-VPN-on-my-router-smartphone-etc-Where-can-I-get-them-
 

I used the closest regional server (just for testing).   Entered HMA credentials and copy/pasted the content from the OpenVPN TCP file.  It connects, without error, but still not filtering traffic correctly.  Here's an example with Plex:
image.thumb.png.9777870bcb1d3dcd9450c2606f7df6f8.png
 

 

Still seems to be all or nothing.  

Link to comment
Share on other sites

Ok so I've tried with HMA's DNS but same thing (doesn't appear to be an issue resolving oh.us.hma.rocks but maybe I'm not understanding what's required here).  I even tried switching it to "Only VPN these services" and it's still "all or nothing" since no traffic is being passed through the VPN.  I tried turning on uPnP but that just seemed to allow it to work through the VPN.

I have an account with PIA so I tried using their OpenVPN file but experienced the same issue.

Is there any way to force a route in the manual config file?  I tried going through the OpenVPN documentation but there's a lot there.  
image.thumb.png.d1a0074c12d61e5a6854962a045830d8.png

image.thumb.png.456826565e5e9397c41b17894e4f3bfa.png

Link to comment
Share on other sites

Let's say I create a VPN Traffic rule for TCP ports 80 and 443 and say only route that traffic through the VPN, it routes ALL traffic.  If I say "Do not VPN" 80 or 443, it still uses the VPN for all traffic.  It seems like it's just ignoring what's under "VPN Traffic" -> "Services".  I only have 1 device listed in there right now and it's only sending VPN traffic for that device so that's a plus, but if that's the case I could just install VPN software directly on the device instead of handling it via the router.  

image.thumb.png.7926b7ce18287699f6761a94fcad3bf4.png

 

If there isn't an easy fix I'm going to see if HMA will just refund me since this what the only reason I subscribed (I personally like PIA better).  It would be a nice feature to have, but if it's not user friendly I'm not going to worry about it.    Maybe if I get some more time I'll try to connect PIA via the advanced configuration and keep troubleshooting it. 

I appreciate your time, thanks for your responses!

Link to comment
Share on other sites

4 hours ago, Netduma Fraser said:

Gotcha, well assuming they're using the same port for source/destination then I suspect the only issue preventing it working would be the DNS at this point

 

plex_ipdetect_port.png

Link to comment
Share on other sites

  • Administrators

The IP can cache so are you clearing the cache every time you check to see if the IP has changed? PIA should work fine, any provider that can give you OpenVPN configuration files should work fine. Yeah thats the IP for remote access but unlikely to be the one for checking the actual IP, could be wrong!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...