Page 1 of 1

Mozilla VPN adds a new wrinkle.

Posted: Fri Apr 23, 2021 5:46 pm
by linear_z

I have been using OpenVPN in a split-tunnel configuration for some time - connecting my home PC as a client to my work PC as the server. Recently, I've added Mozilla VPN to the home PC to route all traffic. (I understand that OpenVPN can achieve this as well, but I digress.)

From a technical perspective, I am still able to attach the home PC to the OpenVPN server - through the Mozilla VPN, and I can see the new public IP address from the server logs - and I assumed that since the connection was successfully completed, that it would function the same from the server side - but I cannot connect back to the home PC via RDP as I have before & I'm not quite sure where the break is. Will I need to add a route to the server config file?

port [port#]
proto udp
dev tap-server
dev-node tap-udp_[port#]
log-append tap-udp_[port#].log
ca "CA.crt"
cert "VPN.crt"
key "Server.key"
dh "dh.pem"
tls-auth "ta.key" 0
crl-verify "crl.pem"
topology subnet
push "route"
keepalive 1 20
cipher AES-256-GCM
max-clients 1
verb 2
mute 20
explicit-exit-notify 1


Re: Mozilla VPN adds a new wrinkle.

Posted: Sat Apr 24, 2021 3:20 pm
by linear_z

I had been reading to add a route / metric, or specify the interface for the tap adapter in order to bypass the wireguard, etc, etc, etc..

There is a toggle switch in the Mozilla VPN settings interface for 'Local Network Access'. This allows OpenVPN to connect to my server through the existing tunnel, and the RDP connections function in both directions as before.

Interestingly, without this switch activated, the OpenVPN will complete the connection, but will ping the new subnet with a 'General Failure'. Turn it on, and voila. Still logging the connection from the new IP, so no bypass is occurring.

Another interesting phenomenon, the IPv4 routing table has 18 lines without the switch activated, (I also have a VM adapter, hence the elevated table), but lists a whopping 142 - yes one-hundred and forty-two - routes in the table. 🤷‍♂️