VPN leak on Xperia 10 III

marbalf · 21 June 2022 12:25

As per title, I have an issue with the VPN. I was filing a bug report, but I preferred sharing it here first, in case it’s a known problem (or, even better, there’s a known solution).

REPRODUCIBILITY: Always
OS VERSION: 4.4.0.64
HARDWARE: Sony Xperia 10 III
UI LANGUAGE: EN-UK
REGRESSION: yes

DESCRIPTION:

I’m using Proton VPN with .ovpn configuration files.

I used the same files with my old Xperia X but I never had any issue. Now, I noticed that when I try to connect to websites (e.g. gutenberg.org) that are blocked here (Italy), I don’t reach them anymore, but I reach the warning page from local authorities.

I checked with ipleak.net and saw that my connection was leaking.

I looked for some information here in the forum, and found this After update to 3.4.0.22 - XA2's VPN says connected but traffic is not going through VPN - due to IPv6

I tried to apply the solution suggested here How can I keep ipv6 disabled? but it didn’t work for me (even after creating the firewall rules suggested in the link, the connection leaked).

Any suggestion would be welcome. Thank you.

nekron · 21 June 2022 14:48

Looks like your DNS is leaking and thus name resolution for gutenberg.org redirects to the Italian web page. Your IP address is Dutch and all connections via IPv4 will be routed through the Netherlands so you should check for the DNS server settings pushed from your VPN provider or configured in the .ovpn file.

jolla4ever · 21 June 2022 19:05

Yes, I also think itś a DNS problem. Did you download the .ovpn choosing router as platform? As far as I know, DNS is then set automatically in SFOS. When you want to configure a real router, the address is 10.8.8.1 for UDP connections and 10.7.7.1 for TCP connections.
Info from ProtonVPN Team: https://protonvpn.com/support/dns-leaks-privacy
Thank you, Proton!

marbalf · 22 June 2022 05:44

Than you @nekron, thank you @jolla4ever. I will have a look at the configuration then and see what happens. My scepticism arises from the fact that I changed phone, not files; but I’m also used to the odd quirk, with phones…

klarre · 20 August 2022 12:44

Did you manage to solve this? Seems like I have the same issue. Ad blocking VPN not blocking ads - #4 by WT.Sane

WT.Sane · 20 August 2022 14:25

Would maybe manually setting a DNS help? But in SF it’s not as simple a just adding one in /etc/resolv.conf.

jolla4ever · 21 August 2022 22:36

I tbink it has much to do do with jail… Very much.
Welcome virtualization!!!

marbalf · 22 August 2022 06:36

Hi, @klarre. I had a few issues with my phone recently, and unfortunately it’s at Sony’s at the moment. I do not remember very well if I had found a solution or not: I was doing different things at the same time. A few things I kinda remember are that:

the leak happened only with Firefox, but not with Jolla Browser (I believe);
I edited the .ovpn file by either commenting or adding a line, but I do not remember what.

I’ll try to come up with something more, but as long as I do not have the phone it’s going to be difficult.

PS
Maybe something something “block-outside-dns”? Try with or without it… But it’s a shot in the dark.

klarre · 7 February 2023 00:31

I cannot reproduce this issue anymore after upgrading to 4.5.

marbalf · 10 February 2023 08:02

Yep. I updated yesterday and checked, and I can confirm it too: as written in the release notes, 4.5.0.16 solves the issue. Awesome!

jovirkku · 10 February 2023 08:03