User avatar
MEMEs
Posts: 91
Joined: Tue Jan 13, 2015 7:25 pm
Location: Rotterdam
Contact: Website

PiVPN: Can't connect to pi from work?

Fri Nov 09, 2018 3:33 pm

Hi there,

I have a very weird problem. On my raspberry pi i have installed openvpn using pivpn. I've set up an tcp connection over port 80. I can connect perfectly to the pi when i'm not at work (e.g. on the road, in a coffee shop). But when I try to establish a connection at work it always fails.
I've tried different commonly used webtraffic ports and also udp but it doesn't seem to work.

However I am able to create a connection at work using private internet access, so it should be possible to create a vpn connection.

I would really like to be able to create a VPN connection to my pi. Does anyone have an idea how I can research further into this problem and fix it ? Where should i begin? What possibilities do I have ?

Thank you in advance.

The openVPN log doesn't give any detailed info. Just that it tries to connect to mu ip and port and then i get a 'server poll timeout' error.

pfletch101
Posts: 229
Joined: Sat Feb 24, 2018 4:09 am

Re: PiVPN: Can't connect to pi from work?

Fri Nov 09, 2018 4:35 pm

Almost certainly, your work network is set up (probably intentionally) to block the ports OpenVPN is trying to use. You will need to talk to the network types at work to see if this can be changed and/or whether they have any other suggestions.

User avatar
MEMEs
Posts: 91
Joined: Tue Jan 13, 2015 7:25 pm
Location: Rotterdam
Contact: Website

Re: PiVPN: Can't connect to pi from work?

Fri Nov 09, 2018 4:40 pm

Hi there, thanx for the reply!

so this would be a case of the outgoing ports of my laptop? the ict people at my work are not really educated, i've been trying to ask these questions to them but they don't seem to even understand what i'm trying to ask them.

Is there a way to fix this my self? can I maybe change the outgoing port of my openvpn on laptop or something ?

pfletch101
Posts: 229
Joined: Sat Feb 24, 2018 4:09 am

Re: PiVPN: Can't connect to pi from work?

Fri Nov 09, 2018 6:47 pm

MEMEs wrote:
Fri Nov 09, 2018 4:40 pm
Hi there, thanx for the reply!

so this would be a case of the outgoing ports of my laptop? the ict people at my work are not really educated, i've been trying to ask these questions to them but they don't seem to even understand what i'm trying to ask them.

Is there a way to fix this my self? can I maybe change the outgoing port of my openvpn on laptop or something ?
The 'gatekeeper' is in the router which connects the local network to the internet. In a home installation, it will be connected to or (often) incorporated in the cable modem, ADSL adapter, or other device that enables internet service. In a small workplace, it may be the same. In a larger workplace, it will be connected to the internet trunk that the business has leased. If the settings on your workplace's router have been set so tightly that ports routinely used for a VPN have been blocked, I would not want to bet on your finding ones that will work. It sounds as if who ever set it up may have used the "block everything except what I absolutely must leave open" principle. There should be someone in your IT departement who understands these issues!

User avatar
MEMEs
Posts: 91
Joined: Tue Jan 13, 2015 7:25 pm
Location: Rotterdam
Contact: Website

Re: PiVPN: Can't connect to pi from work?

Fri Nov 09, 2018 7:03 pm

I work at a university so that could be the case. There is one thing, i also have a windows computer running where i connect to via vnc. That connection is not blocked. Could there be something special happening with the vnc session because i’ve set it up using an account login rather than ip settings? For my windows setup i use jump desktop (because it has mouse support over vnc for ios). I’m connecting to my windows pc at home using the account loging on the server and client side. Maybe that routes the data via a server of something so that the traffic is not blocked? And if so, is there any service that is reccomended to use for such a service in linux? Thanx in advance! :-)

pfletch101
Posts: 229
Joined: Sat Feb 24, 2018 4:09 am

Re: PiVPN: Can't connect to pi from work?

Fri Nov 09, 2018 7:29 pm

MEMEs wrote:
Fri Nov 09, 2018 7:03 pm
I work at a university so that could be the case. There is one thing, i also have a windows computer running where i connect to via vnc. That connection is not blocked. Could there be something special happening with the vnc session because i’ve set it up using an account login rather than ip settings? For my windows setup i use jump desktop (because it has mouse support over vnc for ios). I’m connecting to my windows pc at home using the account loging on the server and client side. Maybe that routes the data via a server of something so that the traffic is not blocked? And if so, is there any service that is reccomended to use for such a service in linux? Thanx in advance! :-)
I think that it is most likely that the port used by your working jump desktop remote connection (which apparently defaults to 5900) has been left open on the gatekeeper router (perhaps whoever configured it did anticipate the use of this software). It might be worth seeing if you can configure both ends of your VPN connection to use that port. Otherwise I do not know what to suggest. I have only had very limited practical experience with setting up VPN connections, and that some years ago.

drgeoff
Posts: 8762
Joined: Wed Jan 25, 2012 6:39 pm

Re: PiVPN: Can't connect to pi from work?

Fri Nov 09, 2018 8:25 pm

My advice which you can accept or ignore.

If you have a legitimate work need to access from workplace your RPi at home, then escalate as necessary to get it or acceptable alternative officially provided. If you don't then quit now before you risk disciplinary action for attempting to circumvent security measures.

Return to “Advanced users”