UDM Pro is Identifying VPN Traffic

Hello everyone. I was testing out Tunnelbear VPN on my Android device and I noticed that my UDM-P was able to identify the traffic. I assume this means that Tunnelbear “leaks”. I completely uninstalled/reinstalled but that didn’t correct the problem. Am I missing something or do I not completely understand how VPNs work? Thanks!

UDM-P was able to identify the traffic

Do you mean identify that you had VPN traffic, or identify the traffic you thought was secure and going over the VPN? (e.g. that you went to P**nhub)?

Guessing that Unifi is looking at the IP address and the traffic type, and figuring out who the provider is. It’s not that the data is “leaking” but more that it can be identified… The list of IPs for most providers is known, so if the traffic is going to one of those IPs, it’s fairly sure it’s them… Then it can fingerprint if it’s OVPN, Wireguard, or whatever, and it knows a bit more. It’s not rocket surgery… ISPs can see this too.

I’ve narrowed it down to a DNS issue on my Android device. My PC and the wife’s iPad work just fine over VPN and the router can’t identify the IPs. I also tried Nord VPN and Malwarebytes Privacy on my phone and they too had the same issue.
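The two points above (the router only sees the VPN endpoint IP plus a protocol fingerprint, and a misbehaving device leaks DNS or plain traffic around the tunnel) can be checked from flow records. This is an added example, not code from the thread or from Ubiquiti; the endpoint range and the flow records are constructed, and the port-to-protocol table uses the common default ports only.

```python
import ipaddress
from collections import Counter

# Constructed VPN endpoint range (placeholder, not any provider's real list).
VPN_ENDPOINTS = [ipaddress.ip_network("203.0.113.0/24")]

# Default-port fingerprints a router can apply without seeing inside the tunnel.
TUNNEL_PORTS = {
    ("udp", 1194): "OpenVPN",
    ("tcp", 1194): "OpenVPN",
    ("udp", 51820): "WireGuard",
    ("udp", 500): "IPsec/IKE",
    ("udp", 4500): "IPsec NAT-T",
}


def classify_flow(flow):
    """Label one flow the way a router could from its 5-tuple alone."""
    dst = ipaddress.ip_address(flow["dst"])
    proto, port = flow["proto"], flow["dport"]
    if any(dst in net for net in VPN_ENDPOINTS):
        # Destination is a known VPN endpoint: contents are opaque, protocol may be guessable.
        return "tunnel:" + TUNNEL_PORTS.get((proto, port), "unknown-vpn")
    if port == 53:
        # A DNS query outside the tunnel reveals the names being resolved.
        return "leak:dns"
    # Anything else reaching a non-VPN host bypassed the tunnel entirely.
    return "leak:cleartext"


def leak_report(flows, client_ip):
    """Count tunnelled flows and leaks for one client, as a diagnostic summary."""
    counts = Counter(classify_flow(f) for f in flows if f["src"] == client_ip)
    tunnel = sum(v for k, v in counts.items() if k.startswith("tunnel:"))
    leaks = {k: v for k, v in counts.items() if k.startswith("leak:")}
    return {"tunnel": tunnel, "leaks": leaks}


# Constructed flow records (not a real capture): .20 is a phone that still
# sends DNS to the LAN resolver and one HTTPS flow outside the tunnel; .30 is clean.
SAMPLE_FLOWS = [
    {"src": "192.168.1.20", "dst": "203.0.113.10", "proto": "udp", "dport": 51820},
    {"src": "192.168.1.20", "dst": "203.0.113.10", "proto": "udp", "dport": 51820},
    {"src": "192.168.1.20", "dst": "192.168.1.1", "proto": "udp", "dport": 53},
    {"src": "192.168.1.20", "dst": "198.51.100.7", "proto": "tcp", "dport": 443},
    {"src": "192.168.1.30", "dst": "203.0.113.22", "proto": "udp", "dport": 1194},
]

if __name__ == "__main__":
    for client in ("192.168.1.20", "192.168.1.30"):
        print(client, leak_report(SAMPLE_FLOWS, client))
```

A device whose report shows any `leak:` entries is the one to look at; on a correctly configured client, DNS goes inside the tunnel too.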

Thank you for the replies everyone!

It was able to identify the sites I visited while connected to the VPN.

But a VPN should only have a single destination, the VPN provider, the remote server. All other traffic should be enclosed inside of the tunnel out of view from the router.

Ah gotcha. Yeah I ignorantly assumed that all traffic was supposed to be completely hidden but then again, I should be asking myself how would the router even be able to route said traffic without knowing the IP.

That’s not normal. That should have been hidden by the VPN if things were working correctly.

It sounds like Tunnelbear either wasn’t connected, or something was wonky with your device config… because all that the UDM-P should have been able to identify was that you were connected to a VPN.

yea, your router will see you are talking to one of the VPN endpoints, and on a VPN port, but will not see the inside traffic… It knows you’re going to Tunnel Bear, but not what’s inside…

yea. That’s got a lot of people!

Gotcha. I’ll continue to do some digging and try out other VPN providers.

It sounds like all of OP’s traffic was visible, not just the fact they were on a VPN but all of their browsing history.

ouch… that ain’t good…