??? I need a VPN to work, I can’t stay at a hotel if I can’t work there. lol
Most hotels block IPSec VPNs. Airplane WiFi blocks it too. I’ve had to resort to SSL VPN for those networks. It’s a QoS, anti-net-neutrality thing.
Good to know. That’s a solid blacklist for me. There’s zero reason to block VPN on public use guest networks. Rate limit, sure, but especially considering how terrible a lot of networks are in hotels there is not way I’d use one directly (in some cases, you really use the word network loosely, what with it typically just a bunch of Best Buy special DLink routers triple natting everything into oblivion…)
Let their inadequate IT policies undermine their seedy motel business; they’re already on their way out anyway.
Does your phone have a hotspot? I’ve never had reliable wifi at a hotel in my life.
Easy fix just open up additional listening port 443 or 53 on your VPN service. Or just tell your client to use cell phone hotspot.
SOCKS over port 443. Good luck to them trying to block that
Why? What do they care… and if they do so much how come ? I don’t get it.
Are you using SSLVPN at port 443 or a custom port? Are they doing DPI? How would they know what you’re using the SSL connection for - unless you’re using a custom port.
It amuses me that they think they can block my VPN.
I can’t think of any reason why someone decided this was necessary ?
Are they running deep packet inspection over their wifi?
this is why IPSec and GRE fell out of style… use UDP/TCP tunneling and most environments can’t even tell, much less block.
Putting your sslvpn box on port 443 will remove 90% of problems. I know from the experience of filtering outbound traffic that anything on odd ports is a pain to permit.
If it’s on 443, it should just work.
Ian
Presumably they’re just blocking a particular port. Is there much else they can do? Our VPN is on a non-standard port so it hasn’t been an issue.
Everything’s premiere, apart from the network…
Yes we block vpn’s because we want to deep packet inspect all of your traffic and sell your passwords to 3rd parties.
We’ve got several TB in our mobile data pool and the ability to use that data for a small daily fee pretty much anywhere in the world so this kinda thing should never really be an issue for us. Just don’t try to use it on a cruise ship.
From my own personal experience I find hotel internet here in Canada so highly utilized and under-powered that its basically useless any time a hotel is busy at all.
Had that problem with clients working on large building sites on guest networks, so I changed VPN to use 443 TCP
I don’t get it though, they must be banning specific ip’s (like ones for those commercial vpns, surf shark or some other crap) or they are blocking specific protocols or destination ports?
This would be trivial enough to bypass for any technical person (encapsulate your traffic in an allowed protocol for example).
Am I missing something about how they are actually enforcing it? Just don’t see how that’s in any way enforceable.