Posted: Wed Apr 21, 2021 9:57 Post subject: How to open ports through VPN.
I have a r7800 running r46380.
I have set up OpenVPN Client to connect with NordVPN, which seems to be working fine.
I have enabled the Transmission Daemon and set up Transmission for torrents, which is working well (by working I mean it's downloading torrents fine).
I have a static port number of 51413, but when I go to test the port, I get that the port is closed.
I want to keep all traffic including torrents using the VPN, as my router connects to a communal WiFi so all my traffic going in and out would ideally stay encrypted.
I am presuming that as I wish everything to be kept inside the tunnel, that it's not as simple as port forwarding?
There is no sign of any activity while a torrent is currently downloading, so my guess is Transmission has automatically bound itself to the tunnel. There is no sign of any packets other than the few at the top of this image, and the OpenVPN packets.
Yes, unfortunately when I checked, NordVPN indeed don't offer port forwards.
The router has to use my Apple MAC address as originally when I signed to the building, my account was associated with my phones MAC, and it's too much like hard work to get it changed again.
Again, without port forwarding support by the OpenVPN provider, there's no way to provide remote (i.e., unsolicited inbound) access over the VPN. There are ways to provide access via port 51413 over the *WAN*, namely port-based PBR (policy based routing), but I assume that's NOT acceptable since it minimally exposes you as a seeder.
I will have a look at other VPN providers as the mantra of torrents is to share and share alike, at the moment I can obviously only take, unless as you have stated I expose myself through the WAN rather than everything going through the VPN.
Yes, I never even considered the port forwarding when I signed up for Nord. Infact it's only now I really realised the problem. On my old router, just getting it working was a major feat. It's only now with the R7800 that I am getting to be picky and try and make the setup as good as possible.
Not all VPN providers who support port forwarding are created equal. PIA, for example, is (imo) awful. They only support it within a limited subset of their servers. And it requires implementing their API so you can determine the port (and they only alone *one*) at runtime (i.e., dynamically). It's done this way (at least according to them) to minimize the chances of anyone tracing a given server+port back to you. But it's a major hassle to implement when dealing w/ the router. What is much preferred is something like AirVPN (there are others, I'm just using them as an example) which provide a simple means, via their website, to define your port(s) *statically*.
Thank you. I did see while searching that PIA appeared to be giving a lot of people trouble.
I will have a bit of a research into it, as at the moment it's only causing a problem with outgoing torrents, but in time I had hoped to put a webserver on the router.
I haven't looked into wireguard, so I will do that too.
Joined: 16 Nov 2015 Posts: 6447 Location: UK, London, just across the river..
Posted: Thu Apr 22, 2021 15:50 Post subject:
i haven seen a VPN that permits outgoing torrent (upload) yet... and very few permit torrenting at all..
but PIA does permit torrents, DL is no problem... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Thu Apr 22, 2021 19:52 Post subject:
Alozaros wrote:
i haven seen a VPN that permits outgoing torrent (upload) yet
https://airvpn.org/faq/p2p/ _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
well... PIA also permit it, but the speed is so symbolic
as well most of the torrent managers, do support upload encryption, so ISP cannot catch it...and you dont need VPN for torrenting at all..but i guess, few countries go manic about torrents and there you go... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
and those questions are not DDWRT related any-more, so very likely you will end up your thread here... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913