TCP reset flag when connecting to VPN sites on school/public WiFi?

Want to connect to a commercial VPN when using school/public WiFi but unable to even access the VPN’s website. Used Wireshark and saw TCP reset flags after the Client Hello when attempting to connect to the VPN’s website.

Is there any way around this? Legally, of course.

What’s the source of the reset, fw/IPS in the network or from the VPN server? Could be the network you’re on 1) doesn’t like VPNs or 2) doesn’t like the VPN service you’re trying to connect to. Is the service an IPsec VPN? Check w/provider to see if you can switch to a TLS over 443 connection instead.

You may never know exactly why it’s happening, especially if the network topography is purposefully being obscured from you.

I want to second what others have said about trying to connect your VPN over TCP on 443 or using an SSH tunneling scheme. Those ports are allowed by most enterprises. A dual UDP in/out may work too.

If none of that works you can try WireGuard. Its connection protocol is more exotic, making use of packet encapsulation as its standard functionality.

Sounds like a blacklisted address. But I’m not clear if you mean you are trying connections from the school and other public Wi-Fi sites or the school is the public Wi-Fi.

Blocks can happen from the VPN server, a firewall in the middle, or client endpoint software. Given you see the reset, it’s not likely the endpoint. If you’re trying from different networks and still get a block, it probably isn’t a firewall in the middle, unless you are already connected to an AlwaysOn VPN and traffic is routing through the same gateway. Since it’s a commercial VPN, they are likely not blocking the connection unless you are trying to violate a policy like connecting from a restricted country or source. But there’s a lot of subtlety in all of this and policies can be enforced at a lot of points.

Without a little more detail it’s hard to say exactly.

Should be school network as it works fine at home and other public networks. I’ve tried ProtonVPN and NordVPN but neither works. Not even their company website is accessible.

I’ll give that a shot, thanks.

It works fine at home and some public networks, but school and a select few other public networks see the TCP flag reset.

Not even their VPN company’s website is accessible.

Go a step further and use Iodine and put everything out over UDP 53.

Try their guest network. Most firms aren’t cool w/folks using client VPNs from prod networks.

Cryptostorm offers WireGuard nodes. Here’s how to configure one.

https://cryptostorm.is/wireguard

Other than that you could set up a Wg server on a computer you own and it wouldn’t cost you anything.

Only if you like dial-up modem speed.