Bypassing OpenVPN block

I’ve set up an OpenVPN endpoint from a pfSense VM on ESXi, and so far it’s been working great for encrypting connections on open WiFi. On my work WiFi and the local coffee shop it works great. But I hit a snag recently at one (in)famous doughnut shop. OpenVPN was completely unable to connect, giving up after five timeouts. Checked DNS, and it was resolving correctly to my server IP. Just to make sure, I whipped out my phone, enabled the hotspot feature, and was instantly able to connect to my endpoint.

So said doughnut shop seems to be able to sniff out OpenVPN connections, even if it’s not connecting to one of the big VPN providers. Is there any way to bypass such blocks?

Try to enable another port in your OpenVPN daemon, like port 80 or 443; most of those blocks are often just a port blockage.

1 Like

Exactly,

Look up OpenVPN port sharing and run TCP mode OpenVPN on port 443.

Also, try to reduce the MTU on the OpenVPN interface further - some firewalls are misconfigured to block ICMP, breaking MTU detection. (1200 would be a good upper bound).

1 Like
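
The settings suggested in the replies above, written out as plain OpenVPN directives. This is an added example, not part of the original thread and not the poster's actual configuration; the hostname `vpn.example.net` and the backend address `127.0.0.1 8443` are placeholders, and the sketch assumes a web server is already listening on that backend port.

```conf
# ---- server side (constructed example) ----
# Listen on TCP 443 instead of the default UDP 1194.
port 443
proto tcp-server

# Port sharing: connections on 443 that are not OpenVPN are handed to
# the local HTTPS service. Placeholder backend address and port.
port-share 127.0.0.1 8443

# Smaller tunnel MTU for paths where ICMP is dropped and path MTU
# discovery fails. 1200 is the upper bound suggested in the thread.
tun-mtu 1200

# ---- client side (constructed example) ----
# Placeholder hostname; protocol and port must match the server.
remote vpn.example.net 443
proto tcp-client

# Keep the same value as the server, otherwise OpenVPN logs a
# link-mtu/tun-mtu mismatch warning at connect time.
tun-mtu 1200
```

`port-share` only works when the server runs in TCP mode, so the protocol change and the port change go together.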