Viscosity VPN & College Firewall

Got a problem with Viscosity or need help? Ask here!

Adam

Posts: 3
Joined: Thu Nov 26, 2009 5:08 pm

Post by Adam » Thu Nov 26, 2009 5:15 pm
Hello I just recently setup OpenVPN on my pfSense box and when searching for a vpn client software for my macbook pro I came across viscosity and fell in love. It really is a nice piece of software and you can bet money, when my 30 day trial is up.. I will be purchasing a license. Anyways I've been able to connect through some public internet spots but I would really like to connect @ my school and so far I have not figured out how-to. When connecting to there wifi I must login via border manager with my school id and password. I know the schools proxy and I have gotten other programs like iChat to connect using the proxy and http with port 80 or 8080. Sorry if my question doesn't make sense as I am somewhat new to this and the wording may be off. Thanks!

James

User avatar
Posts: 2313
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Thu Nov 26, 2009 8:09 pm
Hi Adam,

It sounds like you want Viscosity to connect through your school's proxy to your pfSense box?

If so, it should be easy enough to accomplish. Firstly, on your pfSense box you'll need to tell OpenVPN to use port 443 (instead of the default which is 1194), as otherwise the proxy will probably block the connection.

Once you have done that, you'll need to tell Viscosity to connect through the proxy. To do this, edit your connection in Viscosity (Preferences->Edit) and click the Proxy tab. Tick the "Connect using proxy" checkbox. Now enter your school's proxy details. Hopefully you know what these are. For example, the type is probably HTTP, the address something like proxy.myschool.edu, the port (probably 8080 or 80), and the Auth set to Username/Password (Basic) if you need to type in a username/password to use the proxy server.

Finally, also tell Viscosity to connect using port 443 (under the General tab). Click Save and see how you go.

Regards,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs

Adam

Posts: 3
Joined: Thu Nov 26, 2009 5:08 pm

Post by Adam » Tue Dec 01, 2009 9:40 am
Hey James thanks for the quick and informative response! I followed your instructions and am still running into roadblocks, I checked the details log and it said something about me using UDP and needed to be switched to TCP because of the port or HTTP proxy I was using? I switched it too TCP and a new problem came up;

Mon Nov 30 17:29:56 2009: RESOLVE: NOTE: my.edu.proxy resolves to 2 addresses, choosing one by random
Mon Nov 30 17:30:06 2009: TCP: connect to 10.10.10.10:8080 failed, will try again in 5 seconds: Operation timed out

Those are the general messages being displayed over and over, I've italicized the sensitive info and put something fake there.

James

User avatar
Posts: 2313
Joined: Thu Sep 04, 2008 9:27 pm

Post by James » Tue Dec 08, 2009 5:22 pm
Hi Adam,

You need to set the protocol to be both TCP on your pfSense box and under Viscosity. UDP connections cannot traverse through a HTTP proxy.
Code: Select all
Mon Nov 30 17:29:56 2009: RESOLVE: NOTE: my.edu.proxy resolves to 2 addresses, choosing one by random
This is fine in most cases - it simply means your college has two proxy servers and is load balancing between them using DNS.
Code: Select all
Mon Nov 30 17:30:06 2009: TCP: connect to 10.10.10.10:8080 failed, will try again in 5 seconds: Operation timed out
Is this the address of the proxy server or your VPN server? If it is the proxy server it means either the address or port number is wrong (try entering the correct IP and port again under the Proxy tab). If it is your VPN server's address, try changing your port number to 443 and TCP on both the pfSense server and under Viscosity.

Cheers,
James
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs

Adam

Posts: 3
Joined: Thu Nov 26, 2009 5:08 pm

Post by Adam » Wed Dec 09, 2009 9:10 am
I've got it all setup and working, I kept playing around with the proxy settings and finally changed the port from 8080 to 80 and it started to work. Thanks! BTW I purchased my serial today :D
5 posts Page 1 of 1