Adding vpn kills access to other softwares

littleferris · 9 January 2023 21:24

Creating a bug report/issue

Required Information

DietPi version | v8.12.1 : 20:50 - Mon 01/09/23
Distro version | 'RASPBIAN`
Kernel version | uname -a
SBC model | Rp3b+
Power supply used | (EG: 5V 3A official)
SD card used | SanDisk ultra

Additional Information (if applicable)

Software title | OpenVpn
Was the software title installed freshly or updated/migrated?
Fresh
Can this issue be replicated on a fresh installation of DietPi?
Yes
← If you sent a “dietpi-bugreport”, please paste the ID here →
Bug report ID | echo $G_HW_UUID

Steps to reproduce

…setup vpn through dietpi-vpn
…

Expected behaviour

…vpn active and other softwares working fine

Actual behaviour

…vpn is active, but I am not able to access any of the other softwares until I remove openvpn.

Extra details

…

Jappe · 9 January 2023 21:26

So you connect to an external VPN service but then what is not working? You are not reaching your webservices, hosted on the device?
Also not from local network?
Please provide some more info.

littleferris · 9 January 2023 21:30

After setting up the vpn, I am not able to access any of the other services I installed EXCEPT transmission. Even stuff I setup in a docker is not accessible. I am on a local network. Im able to ssh into the pi just fine but any other service is not responding. Even though in the dietpi-services they all show as active.

Jappe · 9 January 2023 21:33

Have a look into this topic, probably you have the killswitch on

Joulinar · 9 January 2023 21:36

Yes if activate, our killswitch will block nearly every access from local network

littleferris · 9 January 2023 21:40

shouldnt the killswitch only apply on connection loss? I am connected so the killswitch shouldnt be active?

Joulinar · 9 January 2023 21:53

We allow SSH connection, even if killswitch has been selected. All other connections should be rejected.

littleferris · 9 January 2023 21:57

Right, but shouldnt the killswitch only turn on if connection to the vpn becomes disconnected?

Joulinar · 9 January 2023 22:09

The current implementation of the killswitch blocks every traffic not passing the tunnel

trendy · 10 January 2023 06:28

The point of the killswitch is to reject any traffic which doesn’t go through the tunnel, to prevent leaks. It is not the most elegant way, but it is considered the most secure.