Adding vpn kills access to other softwares

littleferris · January 9, 2023, 9:24pm

Creating a bug report/issue

Required Information

DietPi version | v8.12.1 : 20:50 - Mon 01/09/23
Distro version | 'RASPBIAN`
Kernel version | uname -a
SBC model | Rp3b+
Power supply used | (EG: 5V 3A official)
SD card used | SanDisk ultra

Additional Information (if applicable)

Software title | OpenVpn
Was the software title installed freshly or updated/migrated?
Fresh
Can this issue be replicated on a fresh installation of DietPi?
Yes
← If you sent a “dietpi-bugreport”, please paste the ID here →
Bug report ID | echo $G_HW_UUID

Steps to reproduce

…setup vpn through dietpi-vpn
…

Expected behaviour

…vpn active and other softwares working fine

Actual behaviour

…vpn is active, but I am not able to access any of the other softwares until I remove openvpn.

Extra details

…

Jappe · January 9, 2023, 9:26pm

So you connect to an external VPN service but then what is not working? You are not reaching your webservices, hosted on the device?
Also not from local network?
Please provide some more info.

littleferris · January 9, 2023, 9:30pm

After setting up the vpn, I am not able to access any of the other services I installed EXCEPT transmission. Even stuff I setup in a docker is not accessible. I am on a local network. Im able to ssh into the pi just fine but any other service is not responding. Even though in the dietpi-services they all show as active.

Jappe · January 9, 2023, 9:33pm

Have a look into this topic, probably you have the killswitch on

Joulinar · January 9, 2023, 9:36pm

Yes if activate, our killswitch will block nearly every access from local network

littleferris · January 9, 2023, 9:40pm

shouldnt the killswitch only apply on connection loss? I am connected so the killswitch shouldnt be active?

Joulinar · January 9, 2023, 9:53pm

We allow SSH connection, even if killswitch has been selected. All other connections should be rejected.

littleferris · January 9, 2023, 9:57pm

Right, but shouldnt the killswitch only turn on if connection to the vpn becomes disconnected?

Joulinar · January 9, 2023, 10:09pm

The current implementation of the killswitch blocks every traffic not passing the tunnel

trendy · January 10, 2023, 6:28am

The point of the killswitch is to reject any traffic which doesn’t go through the tunnel, to prevent leaks. It is not the most elegant way, but it is considered the most secure.