Is it possible to block Openvpn connections?

Just discovered that not a single one of my OpenVPN connections will connect over a supermarket cafe freewifi!

My connections to my home are over various ports, none will connect.

Have other connections over Airvpn on port 443 also none will connect.

Don’t have any connections over port 80 to test.

I thought to block a vpn connection on a device you’d only need to block the port or is there another way?

OpenVPN does not look like normal https type traffic and there are firewall that can filter for that.

Did not know that, first time I’ve had this happen.

Am using the OpenVPN client on an android phone.

Are there any options to get around this?

My VPN provider does have an app, which I suspect can circumvent this. Obviously don’t have it installed to test.

Depends on how good the blocking system is.

Ok looks like OpenVPN over SSH or SSL might be the way forward.

Are your openvpn servers set up for TCP to more closely mimic web traffic? By default most openvpn setups use UDP for security.

Yes I defaulted to UDP as it ought to be a bit faster, but yes I see in this case TCP would be better. However, I think the way forward is to have an SSL wrapper around the openvpn traffic … next little project.

It’s a lot easier for the cafe firewall to block all UDP except DNS and a few select services rather than deep packet inspection to figure out that you’re running openvpn over http or https port. Only problem is that pfsense already has its main web server bound to those ports. Perhaps a user http port like TCP 8080 or 8443.
Good luck with the wrapper. Please post a walkthrough if it works.

Yeah I was just caught out, I have several OpenVPN servers running so that I have redundancy but now I see places are tightening some of their traffic.

Might be a while until I get that walkthrough up !

For those in the UK I found this in the Morrisons supermarket cafe, while I was waiting for my MOT, will have a chance to test it out in a year.